¹ØÓÚphpÀïµÄinclude
ÔÚÒÔÇ°µÄ×öµÄÀý×ÓÖÐÓöµ½¹ýÖظ´µÄ¼ÓÔصĴíÎó ¶î ÄǸöÊÇͨ¹ýinclude_once()À´½â¾ö »òÕß²»ÈÃËûÖظ´¼ÓÔØ°ÑÖظ´µÄinclude()È¥µôÒ»¸ö»ò¶à¸ö£¬×îÖÕֻʣÏÂÒ»¸öÕâÑùÎÊÌâ¾Í½â¾öÁË£¬µ«½ñÌìÓöµ½µÄÎÊÌâ¾Í¼¬ÊÖÁË ËµÊÇÕÒ²»µ½Îļþ¡£
ÊÂÇéÊÇÕâÑùµÄ £¬½ñÌìÔÚÎļþ¼ÐÀïÔÙн¨ÁËÒ»¸öÎļþ¼Ð£¬È»ºóÒÔÇ°includeµÄÎļþ¾Í³ö»ÆÏßÁË£¬È»ºóÔÚÇ°ÃæÔÙ¼ÓÁË../»ÆÏßÏûʧ£¬²»¹ýеÄÎÊÌâ³öÏÖÁË£¡
¼ÙÉèÎÒµÄproject¹¤³ÌÀïµÄclassÎļþÓÐÕâôһ¸öclass.php¶øÆäÖÐÓÖinclude£¨../dao/userdao.php£©,¶øuserdao.phpÀïinclude(../db/db_connect.php)È»ºóÎÒÔÚclassÎļþ¼ÐÓÖн¨ÁËÒ»¸öuserÎļþ¼ÐÈ»ºó°Ñclass.php·Å½øuserÀïÍ·£¬»ÆÏß³öÏ־ͰÑclass.phpÀïµÄinclude¸Ä³Éinclude(../../dao/userdao.php),ÕýÈçÉ϶ÎËù˵£¬»ÆÏßÏûʧ£¬ÕâÏÂÌáʾ˵ÕÒ²»µ½db_connect.php ,ÎÊÌ⻹ûÓнâ¾ö£¬ÄѵÀÎҵðÑuserÎļþɾµô ÔÚproject½¨Ò»¸öuserÎļþ¼Ð£¬ÕâÑùÓ¦¸Ã»áºÃʹ£¬µ«ÓÐûÓиüºÃµÄ°ì·¨£¿»¹ÇëÖªÕ߸æËßÎÒÕâÊÇΪʲô£¬Èç¹ûÄܽ²ÏÂincludeµÄÊÇÔõô¼ÓÔصģ¬¾Í¸üºÃÁË£¬¸Ð¼¤²»¾¡£¬µÈ´ýÎÊÌâµÄ½â¾ö
Ïà¹ØÎĵµ£º
1¡¢$_SERVER['SCRIPT_NAME']¡¢$_SERVER['PHP_SELF']ºÍ$_SERVER['REQUEST_URI']Çø±ð
Àý×Ó:http://localhost/phpwind75/test.php/%22%3E%3Cscript%3Ealert(’xss’)%3C/script%3E%3Cfoo
$_SERVER['SCRIPT_NAME']Ö»»ñÈ¡½Å±¾Ãû£¬²»»ñÈ¡²ÎÊý,Êä³ö½á¹ûΪ:test.php;
$_SERVER['PHP_SELF']»ñÈ¡½Å±¾Ãûºó£¬Í¬Ê±»ñÈ ......
<?php
/*
$Id: PHPZip.php
*/
class PHPZip {
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
& ......
±¾½Ì³Ì²ÉÓõÄÊÇxampp×Ô´øµÄtomcat²å¼þÀ´Íê³ÉÕûºÏµÄ£¬ËùÒÔ£¬ÒªÏëÍê³ÉÕûºÏ£¬µÚÒ»²½²»ÐèÏÂÔØxampp£¬¼°Æätomcat²å¼þ~
1.´ò¿ªxampp¹ÙÍø µã´Ëxampp¹ÙÍø´ò¿ª
&n ......
ÎÞÒâ¼ä¿´µ½ÒÔÇ°·¢µÄÌû×Ó.»ØÒäÆðÄÇЩPHPµÄÈÕÈÕÒ¹Ò¹
http://www.phpfans.net/ask/discuss2/343326196.html
<?
class gzg//¸ÆÖиÆÀà
{
var $x;//ÊôÐÔ
function gzg()//¹¹Ô캯Êý,ĬÈϲ»³Ô¸ÆÖиÆ
&n ......
°æȨÉùÃ÷£º¿ÉÒÔÈÎÒâתÔØ£¬×ªÔØʱÇëÎñ±ØÒÔ³¬Á´½ÓÐÎʽ±êÃ÷ÎÄÕÂÔʼ³ö´¦ºÍ×÷ÕßÐÅÏ¢¼°±¾ÉùÃ÷
http://www.5ilinux.com/lamp01.html
¹Ø¼ü×Ö£ºapache+mysql+php apache mysql php ÅäÖà lamp ·þÎñÆ÷ web
Linux+Apache+Mysql+PHPµäÐÍÅäÖÃ
µ÷ÊÔ»·¾³£ºRedhat9.0 Apache1.3.29 Mysql3.23.58 PHP4.3.4
LinuxϵͳµÄ°²×°ÎҾͲ»½²Á ......
