study/uTools-Manuals
1
0
Fork 0
mirror of https://github.com/fofolee/uTools-Manuals.git synced 2025-06-19 06:16:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
uTools-Manuals/docs/php/extract.html
fofolee f782158fb7 v0.0.2
2019-04-28 19:00:34 +08:00

337 lines
16 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>从数组中将变量导入到当前的符号表</title>
</head>
<body class="docs"><div id="layout">
<div id="layout-content"><div id="function.extract" class="refentry">
<div class="refnamediv">
<h1 class="refname">extract</h1>
<p class="verinfo">(PHP 4, PHP 5, PHP 7)</p><p class="refpurpose"><span class="refname">extract</span> &mdash; <span class="dc-title">从数组中将变量导入到当前的符号表</span></p>
</div>
<div class="refsect1 description" id="refsect1-function.extract-description">
<h3 class="title">说明</h3>
<div class="methodsynopsis dc-description">
<span class="methodname"><strong>extract</strong></span>
( <span class="methodparam"><span class="type">array</span> <code class="parameter reference">&$array</code></span>
[, <span class="methodparam"><span class="type">int</span> <code class="parameter">$flags</code><span class="initializer"> = EXTR_OVERWRITE</span></span>
[, <span class="methodparam"><span class="type">string</span> <code class="parameter">$prefix</code><span class="initializer"> = <strong><code>NULL</code></strong></span></span>
]] ) : <span class="type">int</span></div>
<p class="para rdfs-comment">
本函数用来将变量从数组中导入到当前的符号表中。
</p>
<p class="para">
检查每个键名看是否可以作为一个合法的变量名,同时也检查和符号表中已有的变量名的冲突。
</p>
</div>
<div class="refsect1 parameters" id="refsect1-function.extract-parameters">
<h3 class="title">参数</h3>
<p class="para">
<dl>
<dt>
<code class="parameter">array</code></dt>
<dd>
<p class="para">
一个关联数组。此函数会将键名当作变量名,值作为变量的值。
对每个键/值对都会在当前的符号表中建立变量,并受到
<code class="parameter">flags</code><code class="parameter">prefix</code> 参数的影响。
</p>
<p class="para">
必须使用关联数组,数字索引的数组将不会产生结果,除非用了
<strong><code>EXTR_PREFIX_ALL</code></strong> 或者 <strong><code>EXTR_PREFIX_INVALID</code></strong>
</p>
</dd>
<dt>
<code class="parameter">flags</code></dt>
<dd>
<p class="para">
对待非法/数字和冲突的键名的方法将根据取出标记
<code class="parameter">flags</code> 参数决定。可以是以下值之一:
<dl>
<dt>
<strong><code>EXTR_OVERWRITE</code></strong></dt>
<dd>
<span class="simpara">
如果有冲突,覆盖已有的变量。
</span>
</dd>
<dt>
<strong><code>EXTR_SKIP</code></strong></dt>
<dd>
<span class="simpara">
如果有冲突,不覆盖已有的变量。
</span>
</dd>
<dt>
<strong><code>EXTR_PREFIX_SAME</code></strong></dt>
<dd>
<span class="simpara">如果有冲突,在变量名前加上前缀 <code class="parameter">prefix</code>
</span>
</dd>
<dt>
<strong><code>EXTR_PREFIX_ALL</code></strong></dt>
<dd>
<span class="simpara">
给所有变量名加上前缀
<code class="parameter">prefix</code>
</span>
</dd>
<dt>
<strong><code>EXTR_PREFIX_INVALID</code></strong></dt>
<dd>
<span class="simpara">
仅在非法/数字的变量名前加上前缀 <code class="parameter">prefix</code>
</span>
</dd>
<dt>
<strong><code>EXTR_IF_EXISTS</code></strong></dt>
<dd>
<span class="simpara">
仅在当前符号表中已有同名变量时,覆盖它们的值。其它的都不处理。
举个例子,以下情况非常有用:定义一些有效变量,然后从 <var class="varname"><var class="varname"><a href="reserved.variables.request.html" class="classname">$_REQUEST</a></var></var> 中仅导入这些已定义的变量。
</span>
</dd>
<dt>
<strong><code>EXTR_PREFIX_IF_EXISTS</code></strong></dt>
<dd>
<span class="simpara">
仅在当前符号表中已有同名变量时,建立附加了前缀的变量名,其它的都不处理。
</span>
</dd>
<dt>
<strong><code>EXTR_REFS</code></strong></dt>
<dd>
<span class="simpara">
将变量作为引用提取。这有力地表明了导入的变量仍然引用了
<code class="parameter">array</code> 参数的值。可以单独使用这个标志或者在
<code class="parameter">flags</code> 中用 OR 与其它任何标志结合使用。
</span>
</dd>
</dl>
</p>
<p class="para">
如果没有指定 <code class="parameter">flags</code>,则被假定为 <strong><code>EXTR_OVERWRITE</code></strong>
</p>
</dd>
<dt>
<code class="parameter">prefix</code></dt>
<dd>
<p class="para">
注意 <code class="parameter">prefix</code> 仅在
<code class="parameter">flags</code> 的值是
<strong><code>EXTR_PREFIX_SAME</code></strong><strong><code>EXTR_PREFIX_ALL</code></strong><strong><code>EXTR_PREFIX_INVALID</code></strong>
<strong><code>EXTR_PREFIX_IF_EXISTS</code></strong>
时需要。
如果附加了前缀后的结果不是合法的变量名,将不会导入到符号表中。前缀和数组键名之间会自动加上一个下划线。
</p>
</dd>
</dl>
</p>
</div>
<div class="refsect1 returnvalues" id="refsect1-function.extract-returnvalues">
<h3 class="title">返回值</h3>
<p class="para">
返回成功导入到符号表中的变量数目。
</p>
</div>
<div class="refsect1 examples" id="refsect1-function.extract-examples">
<h3 class="title">范例</h3>
<p class="para">
<div class="example" id="example-6096">
<p><strong>Example #1 <span class="function"><strong>extract()</strong></span> 例子</strong></p>
<div class="example-contents"><p>
<span class="function"><strong>extract()</strong></span> 的一种可能用法是将 <span class="function"><a href="wddx_deserialize.html" class="function">wddx_deserialize()</a></span>
返回的结合数组中的内容导入到符号表变量中去。
</p></div>
<div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /><br /></span><span style="color: #FF8000">/*&nbsp;假定&nbsp;$var_array&nbsp;&nbsp;wddx_deserialize&nbsp;返回的数组*/<br /><br /></span><span style="color: #0000BB">$size&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"large"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$var_array&nbsp;</span><span style="color: #007700">=&nbsp;array(</span><span style="color: #DD0000">"color"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"blue"</span><span style="color: #007700">,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"size"&nbsp;&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"medium"</span><span style="color: #007700">,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"shape"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #DD0000">"sphere"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">extract</span><span style="color: #007700">(</span><span style="color: #0000BB">$var_array</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">EXTR_PREFIX_SAME</span><span style="color: #007700">,&nbsp;</span><span style="color: #DD0000">"wddx"</span><span style="color: #007700">);<br /><br />echo&nbsp;</span><span style="color: #DD0000">"</span><span style="color: #0000BB">$color</span><span style="color: #DD0000">,&nbsp;</span><span style="color: #0000BB">$size</span><span style="color: #DD0000">,&nbsp;</span><span style="color: #0000BB">$shape</span><span style="color: #DD0000">,&nbsp;</span><span style="color: #0000BB">$wddx_size</span><span style="color: #DD0000">\n"</span><span style="color: #007700">;<br /><br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
</div>
<div class="example-contents"><p>以上例程会输出:</p></div>
<div class="example-contents screen">
<div class="cdata"><pre>
blue, large, sphere, medium
</pre></div>
</div>
<div class="example-contents"><p>
<var class="varname"><var class="varname">$size</var></var> 没有被覆盖,因为指定了
<strong><code>EXTR_PREFIX_SAME</code></strong>,这使得 <var class="varname"><var class="varname">$wddx_size</var></var>
被建立。如果指定了 <strong><code>EXTR_SKIP</code></strong>,则 <var class="varname"><var class="varname">$wddx_size</var></var>
也不会被建立。<strong><code>EXTR_OVERWRITE</code></strong> 将使 <var class="varname"><var class="varname">$size</var></var>
的值为“medium”<strong><code>EXTR_PREFIX_ALL</code></strong> 将建立新变量
<var class="varname"><var class="varname">$wddx_color</var></var><var class="varname"><var class="varname">$wddx_size</var></var>
<var class="varname"><var class="varname">$wddx_shape</var></var>
</p></div>
</div>
</p>
</div>
<div class="refsect1 notes" id="refsect1-function.extract-notes">
<h3 class="title">注释</h3>
<div class="warning"><strong class="warning">Warning</strong>
<p class="para">
不要对不能信任的数据使用
<span class="function"><strong>extract()</strong></span>,例如用户的输入(<var class="varname"><var class="varname"><a href="reserved.variables.get.html" class="classname">$_GET</a></var></var> <var class="varname"><var class="varname"><a href="reserved.variables.files.html" class="classname">$_FILES</a></var></var>...)。如果这样做,举例说,要临时运行依赖于
<a href="security.globals.html" class="link">register_globals</a>
的老代码,要确保使用不会覆盖的
<code class="parameter">extract_type</code> 值,例如
<strong><code>EXTR_SKIP</code></strong>,并且要留意应该按照 <a href="ini.core.html#ini.variables_order" class="link">variables_order</a><a href="ini.html" class="link"><var class="filename">php.ini</var></a>
定义的顺序来提取。
</p>
</div>
<blockquote class="note"><p><strong class="note">Note</strong>:
<p class="para">
If you still
have <a href="security.globals.html" class="link">register_globals</a>
and it is turned on, if you use <span class="function"><strong>extract()</strong></span>
on <var class="varname"><var class="varname"><a href="reserved.variables.files.html" class="classname">$_FILES</a></var></var> and
specify <strong><code>EXTR_SKIP</code></strong>, you may be surprised at
the results.
</p>
<div class="warning"><strong class="warning">Warning</strong>
<p class="para">
This is not recommended practice and is only documented here for
completeness. The use
of <a href="security.globals.html" class="link">register_globals</a> is
deprecated and calling <span class="function"><strong>extract()</strong></span> on untrusted
data such as <var class="varname"><var class="varname"><a href="reserved.variables.files.html" class="classname">$_FILES</a></var></var> is, as noted above, a
potential security risk. If you encounter this issue, it means
that you are using at least two poor coding practices.
</p>
</div>
<div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /><br /></span><span style="color: #FF8000">/*&nbsp;Suppose&nbsp;that&nbsp;$testfile&nbsp;is&nbsp;the&nbsp;name&nbsp;of&nbsp;a&nbsp;file&nbsp;upload&nbsp;input<br />&nbsp;&nbsp;&nbsp;and&nbsp;that&nbsp;register_globals&nbsp;is&nbsp;turned&nbsp;on.&nbsp;*/<br /><br /></span><span style="color: #0000BB">var_dump</span><span style="color: #007700">(</span><span style="color: #0000BB">$testfile</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">extract</span><span style="color: #007700">(</span><span style="color: #0000BB">$_FILES</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">EXTR_SKIP</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">var_dump</span><span style="color: #007700">(</span><span style="color: #0000BB">$testfile</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">var_dump</span><span style="color: #007700">(</span><span style="color: #0000BB">$testfile</span><span style="color: #007700">[</span><span style="color: #DD0000">'tmp_name'</span><span style="color: #007700">]);<br /><br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
</div>
<span class="simpara">
You might expect to see something like the following:
</span>
<div class="example-contents screen">
<div class="cdata"><pre>
string(14) &quot;/tmp/phpgCCPX8&quot;
array(5) {
[&quot;name&quot;]=&gt;
string(10) &quot;somefile.txt&quot;
[&quot;type&quot;]=&gt;
string(24) &quot;application/octet-stream&quot;
[&quot;tmp_name&quot;]=&gt;
string(14) &quot;/tmp/phpgCCPX8&quot;
[&quot;error&quot;]=&gt;
int(0)
[&quot;size&quot;]=&gt;
int(4208)
}
string(14) &quot;/tmp/phpgCCPX8&quot;
</pre></div>
</div>
<span class="simpara">
However, you would instead see something like this:
</span>
<div class="example-contents screen">
<div class="cdata"><pre>
string(14) &quot;/tmp/phpgCCPX8&quot;
string(14) &quot;/tmp/phpgCCPX8&quot;
string(1) &quot;/&quot;
</pre></div>
</div>
<p class="para">
This is due to the fact that
since <a href="security.globals.html" class="link">register_globals</a> is
turned on, <var class="varname"><var class="varname">$testfile</var></var> already exists in the
global scope when <span class="function"><strong>extract()</strong></span> is called. And
since <strong><code>EXTR_SKIP</code></strong> is
specified, <var class="varname"><var class="varname">$testfile</var></var> is not overwritten with
the contents of the <strong><code>$_FILES</code></strong> array
so <var class="varname"><var class="varname">$testfile</var></var> remains a string.
Because <a href="language.types.string.html#language.types.string.substr" class="link">strings may
be accessed using array syntax</a> and the non-numeric string
<em>tmp_name</em> is interpreted
as <em>0</em>, PHP
sees <var class="varname"><var class="varname">$testfile['tmp_name']</var></var>
as <var class="varname"><var class="varname">$testfile[0]</var></var>.
</p>
</p></blockquote>
</div>
<div class="refsect1 seealso" id="refsect1-function.extract-seealso">
<h3 class="title">参见</h3>
<p class="para">
<ul class="simplelist">
<li class="member"><span class="function"><a href="compact.html" class="function" rel="rdfs-seeAlso">compact()</a> - 建立一个数组,包括变量名和它们的值</span></li>
<li class="member"><span class="function"><a href="list.html" class="function" rel="rdfs-seeAlso">list()</a> - 把数组中的值赋给一组变量</span></li>
</ul>
</p>
</div>
</div></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink