Cannot be restored when the variable value is Superglobals

Question

Cannot be restored when the variable value is Superglobals

L2ksy0d opened this issue 2 years ago · 4 comments

sample:

<?php
    $a = $_POST['a'];
    $b = $_GET['b'];
    $c = 'assert';
    $a($b);
    $c($a);
    echo "aaa";

it doesn't seem to get a value, and it appears empty.

Answer 1 · 2022-12-29T17:45:37.000Z

What is it that is wrong?

I get this, which looks correct:

<?php

$a = $_POST['a'];
$b = $_GET['b'];
$c = 'assert';
$a($b);
assert($a);
echo "aaa";

Answer 2 · 2022-12-30T06:06:08.000Z

Oh, I mean can the value of $a be restored, because it's the special variable "Superglobals".
Just like $c($a) is restored to assert($_POST['a']).

Answer 3 · 2022-12-30T13:31:03.000Z

Okay, so in a simple example like:

$a = ...
$b = $a;
echo $b;

Then echo $b can be replaced by echo $a?

This won't work in general, as copies are done by-value, which is fine for scalar values but not for arrays.
I don't think superglobals will be any different here.

In an example such as:

$a = [1, 2, 3];
$b = $a;
array_pop($b);

You can't replace array_pop($b) with array_pop($a) because they are different arrays. array_pop($b) only affects array $b, not array $a.

I've also just realised that it's unsound to assume $c is always "assert" when they are global variables. e.g. consider:

function change_globals() {
    global $c;
    $c = 'foo';
}

$a = $_POST['a'];
$b = $_GET['b'];
$c = 'assert';
$a($b);
$c($a);
echo "aaa";

If $_POST['a'] was the string "change_globals", then suddenly $c is no longer "assert" but is instead "foo".

Answer 4 · 2023-01-03T02:44:54.000Z

tks for your answer.