如何清除以前在 PHP 中回显的项目
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1057986/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to clear previously echoed items in PHP
提问by edt
In php, is there any way to clear/remove all previously echoed or printed items?
在 php 中,有没有办法清除/删除所有以前回显或打印的项目?
For example:
例如:
<?php
echo 'a';
print 'b';
// some statement that removes all printed/echoed items
echo 'c';
// the final output should be equal to 'c', not 'abc'
?>
My script uses the include function. The included files are not supposed to echo anything. Just in case someone (ex = hacker) tries, I need a way to remove.
我的脚本使用了 include 函数。包含的文件不应该回显任何内容。以防万一有人(前 = 黑客)尝试,我需要一种方法来删除。
回答by Matthew Scharley
<?php
ob_start();
echo 'a';
print 'b';
// some statement that removes all printed/echoed items
ob_end_clean();
echo 'c';
// the final output is equal to 'c', not 'abc'
?>
The output buffering functions are also useful in hackery to coerce functions that only print to return strings, ie.
输出缓冲函数在hackery 中也很有用,可以强制只打印返回字符串的函数,即。
<?php
ob_start();
var_dump($myVar);
$data = ob_get_clean();
// do whatever with $data
?>
回答by jrharshath
while @monoxide is right, its better to find more intuitive ways of doing the same. e.g.:
虽然@monoxide 是对的,但最好找到更直观的方法来做同样的事情。例如:
<?php
$val_to_print = $a;
if( $need_to_change==true )
$val_to_print = $b;
// when you are sure you won't have to change again...
echo $val_to_print;
?>
Cheers,
干杯,
jrh
jrh
回答by Sampson
Ideally, you shouldn't output anything that you don't ultimately want printed. Keep your logic separate from your presentation for less frustration.
理想情况下,您不应该输出您最终不想打印的任何内容。将您的逻辑与您的演示文稿分开,以减少挫败感。
That being said, you can consult the Output Bufferingoptions within PHP.
话虽如此,您可以查阅PHP 中的输出缓冲选项。
回答by Meep3D
If it is debug output and program status information you are worried about maybe trigger_error may be nearer to what you need, such as:
如果是你担心的调试输出和程序状态信息,trigger_error 可能更接近你需要的信息,例如:
trigger_error ("Attempting to load report #{$report_id}.", E_USER_NOTICE);
When your script is in production it wont show up any errors as generally they are disabled or logged. It's also best to do fatal errors this way with E_USER_ERROR rather than using die ().
当您的脚本在生产中时,它不会显示任何错误,因为它们通常被禁用或记录。最好用 E_USER_ERROR 这种方式处理致命错误,而不是使用 die()。
ob_start ();
require ($filename);
$html = ob_get_clean ();
The above will also include a file and give you its contents as a string.
上面还将包含一个文件,并将其内容作为字符串提供。
Caveat: Ditching the buffer will also ditch any error messages thrown up, making debugging (potentially) a nightmare.
警告:丢弃缓冲区也会丢弃任何抛出的错误消息,使调试(可能)成为一场噩梦。
回答by Andrew Moore
If a hacker let's say has access to your PHP file, he will also be able to remove the statement clearing the output buffer.
如果黑客可以访问您的 PHP 文件,他还可以删除清除输出缓冲区的语句。
If you are doing this because you are letting your users upload PHP scripts, let me tell you that this is an extremely bad idea.
如果你这样做是因为你让你的用户上传 PHP 脚本,让我告诉你这是一个非常糟糕的主意。
In both cases, doing what you are asking for adds 0 security.
在这两种情况下,执行您所要求的操作都会增加 0 安全性。
