在 php 版本 7.2.4 中安装 inoERP 时修复弃用函数错误
Fix Deprecated Function errors when installing inoERP in php version 7.2.4
我在我的 PC 上安装了 php 7.2 版并收到 deprecated function 错误,而在低于 7.2 的 php 版本中它通常是 运行。
function getQueriesFromSQLFile($sqlfile) {
if (is_readable($sqlfile) === false) {
throw new Exception($sqlfile . 'does not exist or is not readable.');
}
# read file into array
$file = file($sqlfile);
# import file line by line
# and filter (remove) those lines, beginning with an sql comment token
$file = array_filter($file, create_function('$line', 'return strpos(ltrim($line), "--") !== 0;'));
# and filter (remove) those lines, beginning with an sql notes token
$file = array_filter($file, create_function('$line', 'return strpos(ltrim($line), "/*") !== 0;'));
# this is a whitelist of SQL commands, which are allowed to follow a semicolon
$keywords = array(
'ALTER', 'CREATE', 'DELETE', 'DROP', 'INSERT',
'REPLACE', 'SELECT', 'SET', 'TRUNCATE', 'UPDATE', 'USE'
);
# create the regular expression for matching the whitelisted keywords
$regexp = sprintf('/\s*;\s*(?=(%s)\b)/s', implode('|', $keywords));
# split there
$splitter = preg_split($regexp, implode("\r\n", $file));
# remove trailing semicolon or whitespaces
$splitter = array_map(create_function('$line', 'return preg_replace("/[\s;]*$/", "", $line);'), $splitter);
# remove empty lines
return array_filter($splitter, create_function('$line', 'return !empty($line);'));
}
如您所见,create_function() 函数 has been deprecated in 7.2。这是一个你应该尽量不要使用的功能,我相信出于安全原因它已被弃用,它包装了非常危险的 eval 功能。该函数允许攻击者在特定情况下在您的机器上执行任意代码。
您应该使用匿名函数,例如
$file = array_filter(
$file,
function($line) { return strpos(ltrim($line), "--") !== 0; }
);
我在我的 PC 上安装了 php 7.2 版并收到 deprecated function 错误,而在低于 7.2 的 php 版本中它通常是 运行。
function getQueriesFromSQLFile($sqlfile) {
if (is_readable($sqlfile) === false) {
throw new Exception($sqlfile . 'does not exist or is not readable.');
}
# read file into array
$file = file($sqlfile);
# import file line by line
# and filter (remove) those lines, beginning with an sql comment token
$file = array_filter($file, create_function('$line', 'return strpos(ltrim($line), "--") !== 0;'));
# and filter (remove) those lines, beginning with an sql notes token
$file = array_filter($file, create_function('$line', 'return strpos(ltrim($line), "/*") !== 0;'));
# this is a whitelist of SQL commands, which are allowed to follow a semicolon
$keywords = array(
'ALTER', 'CREATE', 'DELETE', 'DROP', 'INSERT',
'REPLACE', 'SELECT', 'SET', 'TRUNCATE', 'UPDATE', 'USE'
);
# create the regular expression for matching the whitelisted keywords
$regexp = sprintf('/\s*;\s*(?=(%s)\b)/s', implode('|', $keywords));
# split there
$splitter = preg_split($regexp, implode("\r\n", $file));
# remove trailing semicolon or whitespaces
$splitter = array_map(create_function('$line', 'return preg_replace("/[\s;]*$/", "", $line);'), $splitter);
# remove empty lines
return array_filter($splitter, create_function('$line', 'return !empty($line);'));
}
如您所见,create_function() 函数 has been deprecated in 7.2。这是一个你应该尽量不要使用的功能,我相信出于安全原因它已被弃用,它包装了非常危险的 eval 功能。该函数允许攻击者在特定情况下在您的机器上执行任意代码。
您应该使用匿名函数,例如
$file = array_filter(
$file,
function($line) { return strpos(ltrim($line), "--") !== 0; }
);