thinkphp icon indicating copy to clipboard operation
thinkphp copied to clipboard
verified publisher icon top-think

Action参数绑定,参数值是between的时候多了个空格符,奇怪的bug还是什么原因?

Open nasireddin opened this issue 8 years ago • 2 comments

控制器代码: public function test($t=null,$yy=null,$vv=null){ var_dump($_GET); var_dump($t); var_dump($yy); var_dump($vv); exit; } 1.thinkphp返回: array (size=3) 'yy' => string 'between' (length=7) 'vv' => string 'day' (length=3) 't' => string 'between' (length=7) string 'between ' (length=8) string 'between ' (length=8) string 'day' (length=3)

2.对比下yii2返回: array (size=4) 'r' => string 'site/about' (length=10) 'yy' => string 'between' (length=7) 'vv' => string 'day' (length=3) 't' => string 'between' (length=7) string 'between' (length=7) string 'between' (length=7) string 'day' (length=3)

nasireddin avatar Mar 22 '17 04:03 nasireddin

这是TP的安全过滤造成的

liu21st avatar Mar 22 '17 04:03 liu21st

谢谢,原来是这个方法呀

function think_filter(&$value){ // TODO 其他安全过滤

// 过滤查询特殊字符
if(preg_match('/^(EXP|NEQ|GT|EGT|LT|ELT|OR|XOR|LIKE|NOTLIKE|NOT BETWEEN|NOTBETWEEN|BETWEEN|NOTIN|NOT IN|IN)$/i',$value)){
    $value .= ' ';
}

}

nasireddin avatar Mar 22 '17 05:03 nasireddin