Add security warning

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@150175 c90b9560-bf6c-de11-be94-00142212c4b1
Stefan Walk 2004-01-30 18:09:45 +00:00
parent 0d052bc170
commit 71ff7bc597

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.12 $ -->
<!-- $Revision: 1.13 $ -->
<!-- splitted from ./en/functions/array.xml, last change in rev 1.2 -->
<refentry id="function.extract">
<refnamediv>
@ -147,6 +147,17 @@
<function>extract</function> returns the number of variables
successfully imported into the symbol table.
</para>
<warning>
<para>
Do not use extract on untrusted data, like user-input ($_GET, ...).
If you do it, for example if you want to run old code that relies on
<link linkend="security.registerglobals">""register_globals</link>
temporarily, make sure you use one of the non-overwriting
<parameter>extract_type</parameter>s like EXTR_SKIP, and be aware that
you should now extract $_SERVER, $_SESSION, $_COOKIE, $_POST and $_GET
in that order.
</para>
</warning>
<para>
A possible use for <function>extract</function> is to import into the
symbol table variables contained in an associative array returned by
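
Review bot: The link text on the register_globals line of the new warning begins with a stray `""`, which will render literally in the manual; drop the two quote characters so it reads `<link linkend="security.registerglobals">register_globals</link>`. In the same paragraph the first "extract" is plain text while the surrounding paragraphs use `<function>extract</function>`, and EXTR_SKIP and the superglobals would be more consistent marked up as `<constant>` and `<varname>`. The warning should also say why the order matters: with a non-overwriting extract_type the first array extracted wins, so $_SERVER and $_SESSION have to go before $_COOKIE, $_POST and $_GET, otherwise request data can claim names that server or session values would have used.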