Community Learn Tools Library Leisure

English

Home > Backend Development > PHP Tutorial > php代码优化

php代码优化

WBOY

Release： 2016-06-23 14:30:39

Original

974 people have browsed it

下面这一小段“劣质”的PHP代码是一道简化了的测试题。这种问题就像在问：你该怎样优化这段代码？

echo(”

Search results for query: ” .
$_GET['query'] . “.

”);
?>

　　这段代码的主要问题在于它把用户提交的数据直接显示到了网页上，从而产生XSS漏洞。其实有很多方法可以填补这个漏洞。那么，什么代码是我们想要的呢？

echo(”

Search results for query: ” .
htmlspecialchars($_GET['query']) . “.

”);
?>

　　这是最低要求。XSS漏洞用htmlspecialchars函数填补了，从而屏蔽了非法字符。

if (isset($_GET['query']))
{
echo ‘

Search results for query: ‘,
htmlspecialchars($_GET['query'], ENT_QUOTES), ‘.

’;
}
?>

　　能写出这样代码的人应该是我想要录用的人了。

　　可惜的是，能给出这样让人满意答复的程序员少之又少

Related labels：

php code optimization

source：php.cn

Previous article：php的strtotime问题 Next article：PHP安全编程

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

What is a NullPointerException, and how do I fix it?

2024-10-22 09:46:29
From Novice to Coder: Your Journey Begins with C Fundamentals

2024-10-13 13:53:41
Unlocking Web Development with PHP: A Beginner's Guide

2024-10-12 12:15:51
Demystifying C: A Clear and Simple Path for New Programmers

2024-10-11 22:47:31
Unlock Your Coding Potential: C Programming for Absolute Beginners

2024-10-11 19:36:51
Unleash Your Inner Programmer: C for Absolute Beginners

2024-10-11 15:50:41
Automate Your Life with C: Scripts and Tools for Beginners

2024-10-11 15:07:41
PHP Made Easy: Your First Steps in Web Development

2024-10-11 14:21:21
Build Anything with Python: A Beginner's Guide to Unleashing Your Creativity

2024-10-11 12:59:11
The Key to Coding: Unlocking the Power of Python for Beginners

2024-10-11 12:17:31

Latest Issues

What is the format of the variables in the return value? I am a new learner of php. I found a piece of code: if($x<time()){return[false,'error']...

From 2024-04-06 21:55:20

0

1

778

Using variables defined in methods in templates This is my first time using Vue (v2 not v3) and I've been trying to use variables inside t...

From 2024-04-06 18:10:25

0

2

513

Group MySQL results by ID for looping over I have a table with flight data in mysql. I'm writing a php code that will group and displ...

From 2024-04-06 17:27:56

0

1

406

Submit form without button using Javascript/Jquery I'm trying to submit a form without a button by calling a JavaScript function and executin...

From 2024-04-06 14:54:03

0

2

421

How to know when a Vue component is fully initialized? So, in my Vue component, I have an async created method and several variables with async w...

From 2024-04-05 14:20:24

0

1

1442

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template