To guard yourself against XSS attacks, filter your input through the htmlentities() function whenever the value of a variable is printed to the output.
If a variable is used before it is initialized, a semantic error is generated, the variable is created with a value of zero, and a message is printed.
Obviously, since they are values in variables, you could easily log the contents of the result object, send them as e-mail, display them in a GUI, or whatever, rather than simply print to STDOUT.
So don't underestimate the value for the next week or two of just inserting printf statements into your code temporarily just to print out what the value of some variable is, or some expression is, so that you can just do a sanity check.