phpѧϰ±Ê¼Ç
1¡¢$_SERVER['SCRIPT_NAME']¡¢$_SERVER['PHP_SELF']ºÍ$_SERVER['REQUEST_URI']Çø±ð
Àý×Ó:http://localhost/phpwind75/test.php/%22%3E%3Cscript%3Ealert(’xss’)%3C/script%3E%3Cfoo
$_SERVER['SCRIPT_NAME']Ö»»ñÈ¡½Å±¾Ãû£¬²»»ñÈ¡²ÎÊý,Êä³ö½á¹ûΪ:test.php;
$_SERVER['PHP_SELF']»ñÈ¡½Å±¾Ãûºó£¬Í¬Ê±»ñÈ¡²ÎÊýÊý¾Ý£¬²¢¶Ô²ÎÊýÊý¾Ý½øÐÐÒ»´Îurldecode²Ù×÷£¬Ò׳öÏÖ¿çÕ¾¹¥»÷ÏÖÏó,Êä³ö½á¹ûΪ:
"><script>alert('xss')</script><foo
$_SERVER['REQUEST_URI']»ñÈ¡½Å±¾Ãûºó£¬Í¬Ê±»ñÈ¡²ÎÊýÔʼÊý¾Ý,²Ù×÷½á¹ûΪ£º
test.php/%22%3E%3Cscript%3Ealert(’xss’)%3C/script%3E%3Cfoo
2¡¢urldecodeÓërawurldecodeÇø±ð
urldecode½«"+"½âÎöΪ" ",¶ørawurldecodeÔò²»½âÎö
3¡¢&&Óë||ÓÅÏȼ¶ÎÊÌâ
&&¼¶±ð±È||¸ß
4¡¢È«¾Ö±äÁ¿ÎÊÌâ
Èç¹ûÔÚͬһ¸öÎļþÄÚ$a= $_GLOBALS[a];
ÔÚº¯ÊýÖÐÈç¹ûÒªÒýÓÃÈ«¾Ö±äÁ¿Ôò±ØÐë:global $a;·ñÔòÖ»ÊÇ˽ÓбäÁ¿
ÀýÈ磺
global $a;
$a=2;
function test(){
echo $a;
}
test();
Õâ¸ö½á¹û½«Îª¿Õ
¶ø
global $a;
$a=2;
function test(){
global $a;
echo $a;
}
test();
Õâ¸ö½á¹û½«Îª:2,
Èç¹ûʹÓÃ$_GLOBALS[a]µÄ»°£¬Ôò½á¹ûҲΪ2:
global $a;
$a=2;
function test(){
echo $GLOBALS[a];
}
test();
Ïà¹ØÎĵµ£º
ÆÕͨPHP³ÌÐòÔ±±ÊÊÔÌâ
1. ÓÃPHP´òÓ¡³öÇ°Ò»ÌìµÄʱ¼ä£¬´òÓ¡¸ñʽÊÇ2007Äê5ÔÂ10ÈÕ 22:21:21
2. PHP´úÂëÈçÏ£º
$a="hello";
$b=&$a;
unset($b);
$b="world";
echo $a;
Æä½á¹ûÊÇ£¿
3. PHP´úÂëÈçÏ£º
$str="cd";
$$str="landog";
$$st ......
½üÔÚѧ[url=javascript:;]PHP[/url],һλÅóÓÑÎʵ½[url=javascript:;]ʱ¼ä[/url]µÄ¼ÆËã,´ËʱÎÒÏëµ½ÁËdelphiºÍmssqlµÄ¼ÆËã[url=javascript:;]º¯Êý[/url],ËüÃÇÓÃÆðÀ´¶¼ºÜ·½±ã,µ«²é²éphpÊֲᲢδ·¢ÏÖÀàËƵÄʱ¼ä¼ÆË㺯Êý,ͨ¹ýÍøÎĵÄÆô·¢ºÍ×ÔÒѵIJâÊÔ,»¹ÊÇÕÒµ½¼òµ¥µÄ[url=javascript:;]·½·¨[/url]À´ÊµÏÖ 8 =FP�92X�
¾ßÌåÈ ......
£¨1£©¡¢yum°²×°mysql
//yum°²×°
yum -y install mysql mysql_server
//ÔÚ·þÎñÇåµ¥ÖÐÌí¼Ómysql·þÎñ
chkconfig --add mysqld
//·þÎñÆô¶¯
service mysqld start
//³õʼ»¯mysqlÊý¾Ý¿â
/usr/bin/mysql_secure_installation
£¨2£©¡¢°²×°apache
yum -y install httpd
service httpd start
Ìí¼ÓiptablesÔÊÐí·Ã ......
global¶¨ÒåÒ»¸öÈ«¾Ö±äÁ¿£¬Õâ¸öÈ«¾Ö±äÁ¿²»ÊÇÓ¦ÓÃÕû¸öÍøÕ¾£¬¶øÊÇÓ¦ÓÃÓ뵱ǰҳÃ棨°üÀ¨requireºÍincludeÎļþ£©Îļþ¡£
$aa="test";
function test()
{
global $aa;
echo $aa;
}
test(); //print test
º¯ÊýÄÚ¶¨ÒåµÄ±äÁ¿º¯ÊýÍâ¿ÉÒÔµ÷Óã¬ÔÚº¯ÊýÍⶨÒåµÄµÄ±äÁ¿º¯ÊýÄÚ²»ÄÜʹÓá£
gl ......
