修复在php版本7.2.4中安装inoERP时不推荐使用的函数错误
我的电脑上安装了php 7.2版,出现了一个修复在php版本7.2.4中安装inoERP时不推荐使用的函数错误,php,deprecated,Php,Deprecated,我的电脑上安装了php 7.2版,出现了一个不推荐使用的函数错误,而在低于7.2版的php版本中,它运行正常 function getQueriesFromSQLFile($sqlfile) { if (is_readable($sqlfile) === false) { throw new Exception($sqlfile . 'does not exist or is not readable.'); } # read file into array $file = fil
不推荐使用的函数
错误,而在低于7.2版的php版本中,它运行正常
function getQueriesFromSQLFile($sqlfile) {
if (is_readable($sqlfile) === false) {
throw new Exception($sqlfile . 'does not exist or is not readable.');
}
# read file into array
$file = file($sqlfile);
# import file line by line
# and filter (remove) those lines, beginning with an sql comment token
$file = array_filter($file, create_function('$line', 'return strpos(ltrim($line), "--") !== 0;'));
# and filter (remove) those lines, beginning with an sql notes token
$file = array_filter($file, create_function('$line', 'return strpos(ltrim($line), "/*") !== 0;'));
# this is a whitelist of SQL commands, which are allowed to follow a semicolon
$keywords = array(
'ALTER', 'CREATE', 'DELETE', 'DROP', 'INSERT',
'REPLACE', 'SELECT', 'SET', 'TRUNCATE', 'UPDATE', 'USE'
);
# create the regular expression for matching the whitelisted keywords
$regexp = sprintf('/\s*;\s*(?=(%s)\b)/s', implode('|', $keywords));
# split there
$splitter = preg_split($regexp, implode("\r\n", $file));
# remove trailing semicolon or whitespaces
$splitter = array_map(create_function('$line', 'return preg_replace("/[\s;]*$/", "", $line);'), $splitter);
# remove empty lines
return array_filter($splitter, create_function('$line', 'return !empty($line);'));
}
您注意到的创建函数()
函数。这是一个你不应该使用的函数,出于安全考虑,我相信它已经被弃用了,它包装了非常危险的eval函数。该功能允许攻击者在特定情况下在您的计算机上执行任意代码
您应该使用匿名函数,例如
$file = array_filter(
$file,
function($line) { return strpos(ltrim($line), "--") !== 0; }
);