Ò׽ؽØÍ¼Èí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

PHP study notes

1. Differences between $_SERVER['SCRIPT_NAME'], $_SERVER['PHP_SELF'] and $_SERVER['REQUEST_URI']
Example: http://localhost/phpwind75/test.php/%22%3E%3Cscript%3Ealert(’xss’)%3C/script%3E%3Cfoo
$_SERVER['SCRIPT_NAME'] returns only the script name, without the parameters. Output: test.php;
$_SERVER['PHP_SELF'] returns the script name together with the parameter data, and applies one urldecode pass to that parameter data, which makes it prone to cross-site scripting (XSS). Output:
"><script>alert('xss')</script><foo
$_SERVER['REQUEST_URI'] returns the script name together with the raw (undecoded) parameter data. Result:
test.php/%22%3E%3Cscript%3Ealert(’xss’)%3C/script%3E%3Cfoo
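The following is an added example, not code from the original notes. It shows the decoded PHP_SELF value reaching a form's action attribute unescaped, next to two hardened variants. The $server array holds constructed values standing in for $_SERVER (with a simplified path), and the function names are hypothetical.

```php
<?php
// Constructed stand-in for $_SERVER for a request like the example URL above.
$requestUri = "/test.php/%22%3E%3Cscript%3Ealert('xss')%3C/script%3E%3Cfoo";
$server = [
    'SCRIPT_NAME' => '/test.php',
    'REQUEST_URI' => $requestUri,
    // PHP_SELF includes the trailing path info, already URL-decoded once.
    'PHP_SELF'    => urldecode($requestUri),
];

// Vulnerable pattern: PHP_SELF written into an attribute without escaping.
function formUnsafe(array $server): string
{
    return '<form method="post" action="' . $server['PHP_SELF'] . '">';
}

// Hardened, option 1: HTML-escape the value for the attribute context.
function formEscaped(array $server): string
{
    $action = htmlspecialchars($server['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $action . '">';
}

// Hardened, option 2: use SCRIPT_NAME, which carries no trailing path info,
// and still escape it on output.
function formScriptName(array $server): string
{
    $action = htmlspecialchars($server['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $action . '">';
}

// Report whether a literal <script> tag survives into the generated markup.
foreach (['formUnsafe', 'formEscaped', 'formScriptName'] as $fn) {
    $html = $fn($server);
    $injected = strpos($html, '<script>') !== false;
    printf("%-15s %s\n  script tag reaches the page: %s\n",
        $fn, $html, $injected ? 'yes' : 'no');
}
```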
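2. Difference between urldecode and rawurldecode
urldecode decodes "+" as " " (a space), whereas rawurldecode does not.
3. Precedence of && and ||
&& has higher precedence than ||.
4. Global variables
Within the same file, $a = $GLOBALS['a'];
Inside a function, a global variable must be declared with "global $a;" before it can be referenced; otherwise $a is only a private (local) variable.
For example: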
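global $a;   // has no effect at file (top-level) scope
$a=2;
function test(){
    echo $a; // $a here is an undefined local variable, not the global
}
test();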

The result of this is empty,
whereas
global $a;
$a=2;

function test(){
global $a;
echo $a;
}

test();

The result of this is: 2.
If $GLOBALS['a'] is used instead, the result is also 2:
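global $a;
$a=2;

function test(){
    // $GLOBALS is a superglobal, so no "global" declaration is needed here;
    // the key must be a quoted string
    echo $GLOBALS['a'];
}

test();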


© 2009 ej38.com All Rights Reserved.