1¡¢$_SERVER['SCRIPT_NAME']¡¢$_SERVER['PHP_SELF']ºÍ$_SERVER['REQUEST_URI']Çø±ð
Àý×Ó:http://localhost/phpwind75/test.php/%22%3E%3Cscript%3Ealert(’xss’)%3C/script%3E%3Cfoo
$_SERVER['SCRIPT_NAME']Ö»»ñÈ¡½Å±¾Ãû£¬²»»ñÈ¡²ÎÊý,Êä³ö½á¹ûΪ:test.php;
$_SERVER['PHP_SELF']»ñÈ¡½Å±¾Ãûºó£¬Í¬Ê±»ñÈ¡²ÎÊýÊý¾Ý£¬²¢¶Ô²ÎÊýÊý¾Ý½øÐÐÒ»´Îurldecode²Ù×÷£¬Ò׳öÏÖ¿çÕ¾¹¥»÷ÏÖÏó,Êä³ö½á¹ûΪ:
"><script>alert('xss')</script><foo
$_SERVER['REQUEST_URI']»ñÈ¡½Å±¾Ãûºó£¬Í¬Ê±»ñÈ¡²ÎÊýÔʼÊý¾Ý,²Ù×÷½á¹ûΪ£º
test.php/%22%3E%3Cscript%3Ealert(’xss’)%3C/script%3E%3Cfoo
2¡¢urldecodeÓërawurldecodeÇø±ð
urldecode½«"+"½âÎöΪ" ",¶ørawurldecodeÔò²»½âÎö
3¡¢&&Óë||ÓÅÏȼ¶ÎÊÌâ
&&¼¶±ð±È||¸ß
4¡¢È«¾Ö±äÁ¿ÎÊÌâ
Èç¹ûÔÚͬһ¸öÎļþÄÚ$a= $_GLOBALS[a];
ÔÚº¯ÊýÖÐÈç¹ûÒªÒýÓÃÈ«¾Ö±äÁ¿Ôò±ØÐë:global $a;·ñÔòÖ»ÊÇ˽ÓбäÁ¿
ÀýÈ磺
global $a;
$a=2;
function test(){
echo $a;
}
test();
Õâ¸ö½á¹û½«Îª¿Õ
¶ø
global $a;
$a=2;
function test(){
global $a;
echo $a;
}
test();
Õâ¸ö½á¹û½«Îª:2,
Èç¹ûʹÓÃ$_GLOBALS[a]µÄ»°£¬Ôò½á¹ûҲΪ2:
global $a;
$a=2;
function test(){
echo $GLOBALS[a];
}
test();
ÓÃPHP¹ýÂËÌá½»±íµ¥µÄhtml´úÂëÀï¿ÉÄÜÓб»ÀûÓÃÒýÈëÍⲿΣÏÕÄÚÈݵĴúÂë¡£ÀýÈ磬ÓÐЩʱºòÓû§Ìá½»±íµ¥Öк¬ÓÐhtmlÄÚÈÝ£¬µ«Õâ¿ÉÄÜÔì³ÉÏÔʾҳÃæ²¼¾Ö»ìÂÒ£¬ÐèÒª¹ýÂ˵ô¡£
ÒÔÏÂÊdzÌÐò´úÂ룺
¸´ÖÆ´úÂë
function uhtml($str)
{
$farr = array(
......
¿ÉÒÔ¼òµ¥µÄÓÐÁ½¸öforÑ»·±íʾ ¾Å¾Å³Ë·¨±í,µ«ÊDz¢²»ÖªµÀÈçºÎ½øÐÐURLµÄÉèÖÃ.
<?php
for($a =1;$a<=9;$a++)
{
for($b =1;$b<=$a;$b++)
{$c =$a *$b;
echo "$a*$b=$c ";
}
echo "<p>";
}
?> ......
