【发布时间】:2016-07-17 21:57:28
【问题描述】:
当我偶然var_dump()一个子类的对象时,我有点担心,结果显示了我所有的sql元素和变量值,包括数据库用户名、密码和数据库名。是否存在安全问题。如果是,我该如何屏蔽它?如果有人给我指点一下,将不胜感激。
$ClassObject=new MyChildClass();
var_dump($ClassObject);
示例结果如下:-
object(MyChildClass)#1 (17) { ["database":protected]=> object(Crud)#2 (13) { ["rows"]=> 字符串(12) "column_name" ["vals"]=> NULL ["query"]=> NULL ["table"]=> string(8) "users" ["DB_TYPE":"Database":private]=> 字符串(5)“mysql”[“主机”:“数据库”:私有]=>字符串(9)“本地主机” ["user":"Database":private]=> string(4) "root" ["pass":"Database":private]=> string(7) "mypass" ["db":"Database":private]=> 字符串(13) "mydbname" ["conn":"Database":private]=> 对象(PDO)#3 (0) { } [“错误”:“数据库”:私有]=> NULL [“结果”]=> NULL ["stmt":"Database":private]=> object(PDOStatement)#5 (1) { ["queryString"]=> string(51) "SELECT column_name FROM ms_users WHERE userid=:uid" } } ["loguserid":"Users":private]=> string(1) "4" ["rows"]=> array(0) { } ["vals"]=> NULL ["query"]=> NULL ["table"]=> 字符串(16)“MyTable_name”[“DB_TYPE”:“数据库”:私有]=>字符串(5) "mysql" ["host":"Database":private]=> string(9) "localhost" ["user":"Database":private]=> string(4) "root" ["pass":"Database":private]=> string(7) "MyPass" ["db":"Database":private]=> 字符串(13) "mydbname" ["conn":"Database":private]=> NULL ["error":"Database":private]=> NULL ["result"]=> NULL ["stmt":"Database":private]=> NULL ["join"]=> string(0) "" ["where"]=> string(35) "user_id=:id1 AND column_name=:id2" }
【问题讨论】:
标签: php database class object var-dump