我已经更新了Mamp服务器,现在我的php版本是php7.2.1。更新后,出现以下错误:
不建议使用:parse_str():在没有结果的情况下调用parse_str() 不推荐使用 /Applications/MAMP/htdocs/projects/functions/checklogin.php,第3行
来自此代码:
<?php
if(isset($_COOKIE[$cookie_name])){
parse_str($_COOKIE[$cookie_name]);
$result = mysqli_query($db, "SELECT * FROM `users` WHERE uid='$u' AND username='$u_name'");
if(mysqli_num_rows($result) == '0'){
header("Location: ".$base_url."logout.php");
}
}else{
header("Location: ".$base_url."logout.php");
}
?>
能帮我解决这个问题吗?
答案 0 :(得分:2)
什么是php文档说:
http://php.net/manual/en/migration72.deprecated.php
Without the second argument to parse_str(), the query string parameters would populate the local symbol table. Given the security implications of this, using parse_str() without a second argument has now been deprecated. The function should always be used with two arguments, as the second argument causes the query string to be parsed into an array.
您可以写parse_str($_COOKIE[$cookie_name], $myArray);代替parse_str($_COOKIE[$cookie_name]);来解决此问题
并在此行之后使用extract($myArray);;
<?php
if(isset($_COOKIE[$cookie_name])){
parse_str($_COOKIE[$cookie_name], $myArray);
extract($myArray);
$result = mysqli_query($db, "SELECT * FROM `users` WHERE uid='$u' AND username='$u_name'");
if(mysqli_num_rows($result) == '0'){
header("Location: ".$base_url."logout.php");
}
}else{
header("Location: ".$base_url."logout.php");
}
?>
此外,您应该使用prepare语句来保护您的网站。