
Four Security Rules for Keeping PHP Secure

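A few rules about PHP security
Rule 1: Never trust outside data or input
The first thing that must be understood about web application security is that outside data should not be trusted. Outside data includes any data that is not typed directly into the PHP code by the programmer. Until steps have been taken to make it safe, any data from any other source (such as GET variables, form POSTs, databases, configuration files, session variables, or cookies) cannot be trusted.
For example, the following data elements can be considered safe because they are set in PHP.
Listing 1. Safe, untainted code
The following is quoted content: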
<?php
$myUsername = 'tmyer';
$arrayUsers = array('tmyer', 'tom', 'tommy');
define("GREETING", 'hello there' . $myUsername);
?>
However, the following data elements are all tainted.
Listing 2. Unsafe, tainted code
The following is quoted content:
<?php
$myUsername = $_POST['username']; //tainted!
$arrayUsers = array($myUsername, 'tom', 'tommy'); //tainted!
define("GREETING", 'hello there' . $myUsername); //tainted!
?>
Why is the first variable, $myUsername, tainted? Because it comes directly from a form POST. A user can type any string into this input field, including malicious commands to delete files or run previously uploaded files. You might ask, "Can't this danger be avoided with a client-side (JavaScript) form validation script that accepts only the letters A-Z?" Yes, that is always a worthwhile step, but as will be seen later, anyone can download any form to their own machine, modify it, and then resubmit whatever content they want.
The solution is simple: sanitizing code must be run on $_POST['username']. If it is not, then any other time $myUsername is used (for example in an array or a constant), it can taint those objects.
A simple way to sanitize user input is to process it with a regular expression. In this example, only letters are to be accepted. Restricting the string to a specific number of characters, or requiring all letters to be lowercase, may also be a good idea.
Listing 3. Making user input safe
The following is quoted content:
<?php
$myUsername = cleanInput($_POST['username']); //clean!
$arrayUsers = array($myUsername, 'tom', 'tommy'); //clean!
define("GREETING", 'hello there' .
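One possible body for the cleanInput() call in Listing 3, following the approach described above (regular expression, letters only, lowercase, length limit). This is an added example, not the article's own code: the 12-character limit, the validUsername() helper and the sample values are assumptions, and the `mixed` type requires PHP 8.0 or later.

```php
<?php
declare(strict_types=1);

// Assumed limit for this example; the article only says to restrict the length.
const MAX_USERNAME_LENGTH = 12;

/**
 * Hypothetical body for the cleanInput() call in Listing 3:
 * lowercase the value, strip everything except a-z, then truncate.
 */
function cleanInput(mixed $input): string
{
    // A field submitted as username[]=x arrives as an array; treat any non-string as empty.
    if (!is_string($input)) {
        return '';
    }
    $clean = strtolower($input);
    $clean = preg_replace('/[^a-z]/', '', $clean) ?? '';
    return substr($clean, 0, MAX_USERNAME_LENGTH);
}

/**
 * Stricter variant (assumption, not from the article): reject instead of
 * repairing, so unexpected input is refused rather than silently altered.
 */
function validUsername(mixed $input): ?string
{
    // \A and \z anchor the whole string; "$" alone would accept a trailing newline.
    if (is_string($input)
        && preg_match('/\A[a-z]{1,' . MAX_USERNAME_LENGTH . '}\z/', $input) === 1) {
        return $input;
    }
    return null;
}

// Constructed sample values standing in for $_POST['username'].
$samples = ['tmyer', 'Tom<script>', "tom\n", 'tom; ls -la', ['tom'], 'averyveryverylongusername'];

foreach ($samples as $raw) {
    printf(
        "%-30s clean=%-16s valid=%s\n",
        json_encode($raw),
        json_encode(cleanInput($raw)),
        json_encode(validUsername($raw))
    );
}
```

Stripping keeps the request going with an altered value, while the validating variant returns null so the caller can refuse the submission outright.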


Related documents:

Clever uses of PHP's list()

A simple example that reads a CSV file:
<?php
$handle=fopen("test.csv","r");
echo "<table border=2>";
// Read the file in combination with a while loop
while($data=fgetcsv($handle,1024))
{
list($user,$pwd,$partment,$title)=$data;
echo "<tr>
<td>$user</td>
<td>$pwd< ......

Connecting PHP to Access

$conn=new COM("ADODB.Connection");
$dsn="DRIVER={Microsoft Access Driver (*.mdb)};DBQ=".realpath("data.mdb").";Uid=Admin; Pwd=BDC2002Data;";
$conn->open($dsn); 
$sql="select * from dict"; 
$rs=$conn->Execute($sql);
$row="0";
while(!$rs->EO ......

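PHP Cookie and Session cross-domain access and passing

I set aside some time this evening to try it out myself.
In my projects I keep running into problems with cross-domain Cookie access and cross-domain SessionId passing.
Example: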
index.php
<?php
include_once('a.php');
session_start();
$_SESSION['k'] = uniqid();
setcookie("sess", session_id(), time()+3600, "/", ".ipggg.com");
echo "index.php<br />\n";
echo $ ......

10 things you didn't know about PHP

1. Use the ip2long() and long2ip() functions to store IP addresses in the database as integers. This cuts storage to nearly a quarter (15 bytes for char(15) versus 4 bytes for an integer), makes it easier to calculate whether a given address falls within a range, and speeds up searching and sorting (although sometimes only slightly).
2. When validating an email address, use the checkdnsrr() ......

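PHP file inclusion vulnerabilities: analysis of the principle and exploitation methods

Summary: 1. The dangerous functions involved [include(), require(), include_once() and require_once()]. The include() && require() statements: include and run the specified file. The two constructs are identical except in how they handle failure. include() produces a warning, while require() results in a fatal error. In other words, use require() if you want processing of the page to stop when a file is missing. include() ......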
© 2009 ej38.com All Rights Reserved. 赣ICP备09004571号