
-- Provided by anonymous 82013 () git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@342279 c90b9560-bf6c-de11-be94-00142212c4b1
<?xml version="1.0" encoding="utf-8"?>
|
|
<!-- $Revision$ -->
|
|
|
|
<chapter xml:id="taint.detail" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
|
|
<title>More Details</title>
|
|
|
|
<section xml:id="taint.detail.basic">
|
|
<title>Functions and Statements which will spread the tainted mark of a
|
|
tainted string</title>
|
|
<para>
|
|
<table>
|
|
<title></title>
|
|
<tgroup cols="2">
|
|
<colspec colname="name"/>
|
|
<colspec colname="version"/>
|
|
<thead>
|
|
<row>
|
|
<entry>Function/Statement</entry>
|
|
<entry>Since</entry>
|
|
</row>
|
|
</thead>
|
|
<tbody>
|
|
<row>
|
|
<entry>= (assign)</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>. (concat)</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>"{$var}" (variable substitution)</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>.= (assign concat)</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>strval</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>explode/split</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>implode/join</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>sprintf</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>vsprintf</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>trim</entry>
|
|
<entry>0.4.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>rtrim</entry>
|
|
<entry>0.4.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>ltrim</entry>
|
|
<entry>0.4.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>strstr</entry>
|
|
<entry>0.5.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>str_pad</entry>
|
|
<entry>0.5.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>str_replace</entry>
|
|
<entry>0.5.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>substr</entry>
|
|
<entry>0.5.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>strtolower</entry>
|
|
<entry>0.5.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>strtoupper</entry>
|
|
<entry>0.5.0</entry>
|
|
</row>
|
|
</tbody>
|
|
</tgroup>
|
|
</table>
|
|
</para>
|
|
</section>
|
|
|
|
<section xml:id="taint.detail.taint">
|
|
<title>Functions and statements which will check for a tainted string</title>
|
|
<para>
|
|
<table>
|
|
<title></title>
|
|
<tgroup cols="2">
|
|
<colspec colname="name"/>
|
|
<colspec colname="version"/>
|
|
<thead>
|
|
<row>
|
|
<entry>Function/Statement</entry>
|
|
<entry>Since</entry>
|
|
</row>
|
|
</thead>
|
|
<tbody>
|
|
<row>
|
|
<entry namest="name" nameend="version">Basic statements</entry>
|
|
</row>
|
|
<row>
|
|
<entry>eval</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>include/include_once</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>require/require_once</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<!--end basic -->
|
|
|
|
<row>
|
|
<entry namest="name" nameend="version">Outputting Functions</entry>
|
|
</row>
|
|
<row>
|
|
<entry>echo</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>print</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>printf</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>file_put_contents</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<!-- end outputting -->
|
|
<row>
|
|
<entry namest="name" nameend="version">File System Functions</entry>
|
|
</row>
|
|
<row>
|
|
<entry>fopen</entry>
|
|
<entry>0.2.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>opendir</entry>
|
|
<entry>0.2.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>basename</entry>
|
|
<entry>0.2.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>dirname</entry>
|
|
<entry>0.2.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>file</entry>
|
|
<entry>0.2.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>pathinfo</entry>
|
|
<entry>0.2.0</entry>
|
|
</row>
|
|
<!-- end file system -->
|
|
<row>
|
|
<entry namest="name" nameend="version">Database relevant Functions</entry>
|
|
</row>
|
|
<row>
|
|
<entry>mysql_query</entry>
|
|
<entry>0.2.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>mysqli_query/MySQLi::query</entry>
|
|
<entry>0.2.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>sqlite_query/SqliteDataBase::query</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>sqlite_single_query/SqliteDataBase::singleQuery</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>oci_parse</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>PDO::query</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>PDO::prepare</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>SQLite3::query</entry>
|
|
<entry>2.0.1</entry>
|
|
</row>
|
|
<row>
|
|
<entry>SQLite3::prepare</entry>
|
|
<entry>2.0.1</entry>
|
|
</row>
|
|
<!-- end database -->
|
|
<row>
|
|
<entry namest="name" nameend="version">Command Line relevant Functions</entry>
|
|
</row>
|
|
<row>
|
|
<entry>system</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>exec</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>proc_open</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>passthru</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>shell_exec</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<!-- end command line -->
|
|
|
|
</tbody>
|
|
</tgroup>
|
|
</table>
|
|
</para>
|
|
</section>
|
|
|
|
<section xml:id="taint.detail.untaint">
|
|
<title>Functions which untaint the tainted string</title>
|
|
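<para>
The table below lists escaping functions for different contexts (HTML, shell and SQL) side by side. A string escaped for one context is not thereby safe in another, so the escaping function should match the place where the string is finally used.
</para>
<para>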
|
|
<table>
|
|
<title></title>
|
|
<tgroup cols="2">
|
|
<colspec colname="name"/>
|
|
<colspec colname="version"/>
|
|
<thead>
|
|
<row>
|
|
<entry>Function</entry>
|
|
<entry>Since</entry>
|
|
</row>
|
|
</thead>
|
|
<tbody>
|
|
<row>
|
|
<entry>addslashes</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>addcslashes</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>htmlspecialchars</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>htmlentities</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>escapeshellcmd</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>mysql_escape_string</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>mysql_real_escape_string</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>mysqli_escape_string/MySQLi::escape_string</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>mysqli_real_escape_string/MySQLi::real_escape_string</entry>
|
|
<entry>0.1.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>sqlite_escape_string/SqliteDataBase::escapeString</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
<row>
|
|
<entry>PDO::quote</entry>
|
|
<entry>0.3.0</entry>
|
|
</row>
|
|
</tbody>
|
|
</tgroup>
|
|
</table>
|
|
</para>
|
|
|
|
</section>
|
|
</chapter>
|
|
|
|
<!-- Keep this comment at the end of the file
|
|
Local variables:
|
|
mode: sgml
|
|
sgml-omittag:t
|
|
sgml-shorttag:t
|
|
sgml-minimize-attributes:nil
|
|
sgml-always-quote-attributes:t
|
|
sgml-indent-step:1
|
|
sgml-indent-data:t
|
|
indent-tabs-mode:nil
|
|
sgml-parent-document:nil
|
|
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
|
|
sgml-exposed-tags:nil
|
|
sgml-local-catalogs:nil
|
|
sgml-local-ecat-files:nil
|
|
End:
|
|
vim600: syn=xml fen fdm=syntax fdl=2 si
|
|
vim: et tw=78 syn=sgml
|
|
vi: ts=1 sw=1
|
|
-->
|