当前位置: 文江博客话题详情

这行代码有什么意义呢?

发布于 2024-07-11 18:36:30 字数 190 浏览 5 评论 0原文

我在administrator/components/com_virtuemart/classes/ps_product.php的第2136行的Joomla Virtuemart插件中找到了这行代码

eval ("\$text_including_tax = \"$text_including_tax\";");
原文

I found this line of code in the Virtuemart plugin for Joomla on line 2136 in administrator/components/com_virtuemart/classes/ps_product.php

eval ("\$text_including_tax = \"$text_including_tax\";");

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(9

呢古 2024-07-18 18:36:30

废弃我之前的答案。

这个 eval() 出现在这里的原因在 php eval 文档 中显示,

这就是发生的事情

$text_including_tax = '$tax <a href="...">...</a>';

...

$tax = 10;

...

eval ("\$text_including_tax = \"$text_including_tax\";");

:此 $text_include_tax 的末尾等于:

"10 <a href="...">...</a>"

单引号可防止将 $tax 包含在字符串的原始定义中。 通过使用eval(),它会强制它重新计算字符串并将$tax 的值包含在字符串中。

我不喜欢这种特殊方法,但它是正确的。 另一种方法是使用 sprintf()

Scrap my previous answer.

The reason this eval() is here is shown in the php eval docs

This is what's happening:

$text_including_tax = '$tax <a href="...">...</a>';

...

$tax = 10;

...

eval ("\$text_including_tax = \"$text_including_tax\";");

At the end of this $text_including_tax is equal to:

"10 <a href="...">...</a>"

The single quotes prevents $tax being included in the original definition of the string. By using eval() it forces it to re-evaluate the string and include the value for $tax in the string.

I'm not a fan of this particular method, but it is correct. An alternative could be to use sprintf()

回复 原文
悲念泪 2024-07-18 18:36:30

这段代码似乎是强制 $text_include_tax 成为字符串的糟糕方法。

它不好的原因是因为 if $text_include_tax 可以包含用户输入的数据,他们就有可能执行任意代码。

例如,如果 $text_include_tax 设置为等于:

"\"; readfile('/etc/passwd'); $_dummy = \"";

eval 将变为:

eval("$text_include_tax = \"\"; readfile('/etc/passwd'); $_dummy =\"\";");

向恶意用户提供 passwd 文件的转储。

更正确的方法是将变量转换为 string:

$text_include_tax = (string) $text_include_tax;

甚至只是:

$text_include_tax = "$text_include_tax";

如果数据 $text_include_tax 只是内部变量或包含已验证的内容,则不存在安全风险。 但这仍然是一种将变量转换为字符串的糟糕方法,因为有更明显、更安全的方法可以做到这一点。

This code seems to be a bad way of forcing $text_including_tax to be a string.

The reason it is bad is because if $text_including_tax can contain data entered by a user it is possible for them to execute arbitrary code.

For example if $text_include_tax was set to equal:

"\"; readfile('/etc/passwd'); $_dummy = \"";

The eval would become:

eval("$text_include_tax = \"\"; readfile('/etc/passwd'); $_dummy =\"\";");

Giving the malicious user a dump of the passwd file.

A more correct method for doing this would be to cast the variable to string:

$text_include_tax = (string) $text_include_tax;

or even just:

$text_include_tax = "$text_include_tax";

If the data $text_include_tax is only an internal variable or contains already validated content there isn't a security risk. But it's still a bad way to convert a variable to a string because there are more obvious and safer ways to do it.

回复 原文
独自唱情﹋歌 2024-07-18 18:36:30

我猜测这是强制 $text_include_tax 成为字符串而不是数字的一种时髦方式。

I'm guessing that it's a funky way of forcing $text_including_tax to be a string and not a number.

回复 原文
瞳孔里扚悲伤 2024-07-18 18:36:30

也许这是尝试将变量转换为字符串? 只是一个猜测。

Perhaps it's an attempt to cast the variable as a string? Just a guess.

回复 原文
別甾虛僞 2024-07-18 18:36:30

您将需要评估才能将税率输入到输出中。 刚刚将其移至新服务器,由于某种原因,该行导致服务器错误。 作为快速修复,我将其更改为:

//eval ("\$text_including_tax = \"$text_including_tax\";");
$text_including_tax = str_replace('$tax', $tax, $text_including_tax);

You will need the eval to get the tax rate into the output. Just moved this to a new server and for some reason this line caused a server error. As a quick fix, I changed it to:

//eval ("\$text_including_tax = \"$text_including_tax\";");
$text_including_tax = str_replace('$tax', $tax, $text_including_tax);
回复 原文
微凉 2024-07-18 18:36:30

它将字符串评估为 PHP 代码。

但它似乎让一个变量等于它自己? 诡异的。

It is evaluating the string as PHP code.

But it seems to be making a variable equal itself? Weird.

回复 原文
演出会有结束 2024-07-18 18:36:30

正如其他人指出的那样,这是由不知道自己在做什么的人编写的代码。

我还快速浏览了代码,发现在放置 HTML/URI 等时完全没有文本转义。 一起。 如果您愿意正确审核的话,除了评估问题之外,这里可能还可以找到许多注入漏洞。

我不希望这段代码在我的服务器上运行。

As others have pointed out, it's code written by someone who doesn't know what on earth they're doing.

I also had a quick browse of the code to find a total lack of text escaping when putting HTML/URIs/etc. together. There are probably many injection holes to be found here in addition to the eval issues, if you can be bothered to audit it properly.

I would not want this code running on my server.

回复 原文
左耳近心 2024-07-18 18:36:30

我之前已经浏览过该代码库。 这是我见过的最糟糕的 PHP 之一。

我想你会做这种事情来掩盖你在其他地方犯的错误。

I've looked through that codebase before. It's some of the worst PHP I have seen.

I imagine you'd do that kind of thing to cover up mistakes you made somewhere else.

回复 原文
孤者何惧 2024-07-18 18:36:30

不,它是这样做的:

$text_include_tax = "flat"。 此代码计算以下行:

$flat = "flat";

这不一定很好,但我确实使用过这样的技术一次将所有 MySQL 变量吸收到一个数组中,如下所示:

    while ($row = mysql_fetch_assoc($result)) {
        $var = $row["Variable_name"];
        $var = $row["Value"];
    }

No, it's doing this:

Say $text_including_tax = "flat". This code evaluates the line:

$flat = "flat";

It isn't necessarily good, but I did use a technique like this once to suck all the MySQL variables in an array like this:

    while ($row = mysql_fetch_assoc($result)) {
        $var = $row["Variable_name"];
        $var = $row["Value"];
    }
回复 原文
~没有更多了~

关于作者

逆流

暂无简介

0 文章
0 评论
21 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lioqio

文章 0 评论 0

Single

文章 0 评论 0

禾厶谷欠

文章 0 评论 0

alipaysp_2zg8elfGgC

文章 0 评论 0

qq_N6d4X7

文章 0 评论 0

放低过去

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文