In php, parse_str parses the query string to the variable. In the fourth phase of the PHP built-in function research series, the parse_str function is used to parse the query string to the variable. This article mainly discusses the functions and usage of the parse_str () function. The parse_str () function parses the query string into the variable using the PHP function parse_str in the fourth phase of the PHP built-in function Research Series. it mainly discusses the functions and usage of the parse_str () function.
The parse_str () function parses strings into variables, which means a conversion mechanism between strings and variables is implemented, data is passed in the form of a string, such as GET request, and then on the server side through $ _ GET/$ _ POST and other global variables to achieve string and variable conversion, such as: http://www.liuhui.info /? Index. php? Var1 = 1 & var2 = 2. after the request, the server can use $ _ GET ['var1'] to obtain the string var1 = 1 & var2 = 2 and convert it to a variable. The parse_str () function can implement the sample function. you can directly convert strings and variables by using the parse_str () function to parse the value of $ _ SERVER ['query _ string, for example, $ var1.
I. function prototype
The code is as follows: |
|
Void parse_str (string str [, array & arr]) |
2. version compatibility
PHP 3, PHP 4, PHP 5
III. basic function usage and examples
1. parse the string as a variable.
The code is as follows: |
|
Parse_str ("var1 = liuhui & var2 = parse_str "); Echo $ var1. $ var2; ?> |
2. parse the string and store the variable in the array.
The code is as follows: |
|
Parse_str ("var1 = liuhui & var2 = parse_str", $ array ); Print_r ($ array ); ?> Output: Array ([var1] => liuhui [var2] => parse_str)
|
Note: This variable is added only when it is stored in the array in PHP 4.0.3.
3. the parsed string contains spaces.
The code is as follows: |
|
Parse_str ("v ar1 = liuhui & var 2 = parse_str", $ array ); Print_r ($ array ); ?> Output: Array ([v_ar1] => liuhui [var_2] => parse_str) |
Note: Convert spaces to underscores _
IV. Notes
1. if the array parameter is not set, the variables set by this function will overwrite the variables with the same name.
2. the magic_quotes_gpc setting in php. ini affects the output of this function. If enabled, the variable will be converted by addslashes () before parse_str () resolution.
3. the parse_str () function has a vulnerability in processing parameters. Attackers can exploit this vulnerability to enable register_globals and further exploit the vulnerability in other PHP scripts. If only one parameter is used to call parse_str (), the function will consider that the parameter is parsed as the provided string through the request string transmitted by the URL, but external attackers can call parse_str () send many request variables to trigger the termination of the memory_limit request. If the request is disabled during the call of parse_str (), the register_globals label will be enabled all the time during the rest of the lifecycle of the related webserver process.
Functions and usage of lift. The parse_str () function can implement...