¿Que riesgo hay en usar extract con las variables superglobales de php?

Posted by Carlos Montalvo on Stack Overflow See other posts from Stack Overflow or by Carlos Montalvo
Published on 2010-05-29T06:00:34Z Indexed on 2010/05/29 6:02 UTC
Read the original article Hit count: 275

Filed under:
|

Hola usando estas funciones, que riesgo corro en tener problemas de seguridad, es necesesario usar extract() o hay alguna manera mejor de convertir las variables superglobales (array) en trozos de variables.

if ( get_magic_quotes_gpc() ) {
 $_GET = stripslashes( $_GET );
 $_POST =stripslashes( $_POST );
}

  function vars_globals($value = '') {

if (is_array ( $value )) $r = &$value; else parse_str ( $value, $r );

return $r; }

$r = vars_globals( $_GET );

extract($r, EXTR_SKIP);

© Stack Overflow or respective owner

Related posts about php

Related posts about extract