|
|
Posted by Jason Barnett on 04/28/05 17:25
Please do not reply to me personally. I will usually read your
responses in the newsgroup.
Vedanta Barooah wrote:
> the code below was talking of function declarations ... reffer to the thread.
> will code injection in case of function declarations work? I am not sure!!
>
OK. But even so add($a,$b,$c) !== add($a = null, $b = null, $c = null)
> ;)
>
> <?php
> function add($a,$b,$c){
These arguments ($a, $b, and $c) are all *required* arguments. If you
definition was:
function add($a, $b = null, $c = null)
Then you don't have to pass *any* arguments *except* for the first one.
> return $a+$b+$c ;
> }
> echo add(2,null,3);
> # even if you pass the value of $b in the url as a get or post
> param... it wont work.
> ?>
The variables inside a function are not in the global scope so you are
ok here. However if you ever plan on calling this function with
uninitialized variables then it is quite likely some fool is going to do
what I previously suggested, i.e.
<?php
/** Page called with ?a=22 appended to URL */
function add($a,$b,$c) {
return $a+$b+$c;
}
$total = add($first, $second, $third);
/** You think this will be 0, but with register_globals this is actually
22 */
echo $total;
?>
>
> thanks,
> vedanta
>
Navigation:
[Reply to this message]
|