Home > Developer > PHP

Explanation of PHP binary security

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Explanation of PHP binary security Explanation 1:

PHP has the concept of string.

In string, the size of each Character is byte (compared with PHP, each Character in Java is Character, UTF8, and each Character in C can be selected during compilation ).
Byte contains ASCII characters, such as ABC, 123, abc, and some special characters, such as carriage return and return.
Many special characters cannot be displayed. In other words, there is no standard for their display methods. for example, if encoding 65 is A letter everywhere, encoding 97 is a character everywhere, and the backspace is displayed as A symbol in some places, in some cases, the previous character is actually removed.
PHP is based on C, so many descriptions are compared with C. A typical definition of a string in C is to end with a code 0 as the string. Assume that the three characters in a string are encoded as, 0, and 97 respectively. If the str_replace function in C is used to replace 97 with 98, then when this function is read to 0, it is deemed to have ended, and then it will get 98,0, 97. The str_replace in PHP is binary safe, so this 0 is not considered as a special ending symbol, so the result is 98,0, 98.
[Binary security] in the PHP document, it basically means that functions similar to functions in the C language are specially processed for some characters, while the PHP function treats all characters equally, you don't have to worry about the impact of special characters on processing, especially the encoding of 0 characters.

Explanation 2:

The strlen function in c is not binary safe because it depends on the special character '\ 0' to determine whether the string ends,

So for str = "1234 \ 0123", strlen (str) = 4

In php, the strlen function is binary safe because it does not explain any characters (including '\ 0,

So in php, strlen (str) = 8

Therefore, what I understand about binary security means: only binary strings are concerned, but not specific formats,

Only binary data is strictly accessed. It does not attempt to parse data in a special format.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More