
The 10 Mistakes PHP Programmers Make Most Often (repost)


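PHP is a great web development language and a flexible one, but I keep seeing PHP programmers make the same mistakes over and over. I put together the list below of the 10 mistakes PHP programmers make most often; most of them are security related. See how many you have made:
1. Not escaping HTML entities
A basic piece of common knowledge: all untrusted input (especially data that users submit through a form) must be escaped before it is output.
echo $_GET['username'] ;
This example could output:
<script>/* a script that changes the admin password or sets a cookie */</script>
This is an obvious security risk, unless you can guarantee that all of your users enter correct input.
How to fix it:
We need to convert characters such as "<" and ">" into their correct HTML representation (&lt;, &gt;, &#039; and &quot;). The functions htmlspecialchars() and htmlentities() do exactly this job.
The correct way: echo htmlspecialchars($_GET['username'], ENT_QUOTES);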
2. Not escaping SQL input
I once discussed this problem in an article, "The simplest way to prevent SQL injection (in PHP+MySQL)", and gave a simple method there. Some people told me that they had already set magic_quotes to On in php.ini, so they did not need to worry about this problem, but not all input comes from $_GET, $_POST or $_COOKIE!
How to fix it:
As in "The simplest way to prevent SQL injection (in PHP+MySQL)", I still recommend using the mysql_real_escape_string() function.
The correct approach:
<?php
// Escape every value and keep it inside single quotes in the query text
$sql = "UPDATE users SET
name='".mysql_real_escape_string($name)."'
WHERE id='".mysql_real_escape_string($id)."'";
mysql_query($sql);
?>
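The point above that not all input arrives through $_GET, $_POST or $_COOKIE, shown as an added example that is not part of the original article: a value read back from the database breaks a concatenated query, while a bound parameter handles it. It swaps in PDO with an in-memory SQLite database (assuming the pdo_sqlite extension) for the article's mysql_* functions, which were removed in PHP 7.0; the table names, function names and sample data are constructed for illustration.

```php
<?php
// Added example: PDO + in-memory SQLite (assumption: pdo_sqlite is enabled),
// used in place of the article's mysql_* calls so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec('CREATE TABLE audit (user_name TEXT, action TEXT)');

// Constructed sample data, stored with a bound parameter.
$insert = $db->prepare('INSERT INTO users (name) VALUES (:name)');
foreach (["alice", "O'Brien"] as $n) {
    $insert->execute([':name' => $n]);
}

// The name is read back from the database. It never passes through
// $_GET, $_POST or $_COOKIE, so magic_quotes would not have touched it.
function storedName(PDO $db, int $id): string
{
    $stmt = $db->prepare('SELECT name FROM users WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// Unsafe: the stored value is concatenated into the SQL text.
function logUnsafe(PDO $db, string $name): bool
{
    try {
        $db->exec("INSERT INTO audit (user_name, action) VALUES ('" . $name . "', 'login')");
        return true;
    } catch (PDOException $e) {
        return false; // the apostrophe in the data ended the string literal early
    }
}

// Safe: the value travels as a bound parameter, separate from the SQL text.
function logSafe(PDO $db, string $name): bool
{
    $stmt = $db->prepare('INSERT INTO audit (user_name, action) VALUES (:name, :action)');
    return $stmt->execute([':name' => $name, ':action' => 'login']);
}

$name = storedName($db, 2); // the constructed user whose name contains an apostrophe
var_dump(logUnsafe($db, $name));
var_dump(logSafe($db, $name));
var_dump($db->query('SELECT user_name FROM audit')->fetchAll(PDO::FETCH_COLUMN));
```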
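3. Incorrect use of the HTTP-header related functions: header(), session_start(), setcookie()
Have you ever run into this warning? "warning: Cannot add header information - headers already sent [....]"
Every time a web page is downloaded from a server, the server's output is split into two parts: the headers and the body.
The headers contain non-visible data, such as cookies. The headers always arrive first. The body contains the visible HTML, images and other data.
If output_buffering is set to Off, all HTTP-header related functions must be called before there is any output. The problem is that you develop in one environment, and when you deploy to another environment the output_buffering setting may be different. As a result redirects stop working, and cookies and sessions are not set correctly...
How to fix it:
Make sure the HTTP-header related functions are called before any output, and set output_buffering = Off.
4. Using unsafe data for the files passed to require or include
To stress it once more: do not trust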

