phpÓйصļ¸ÖÖ³£¼û°²È«Ïê½â
(1) ´ò¿ªphpµÄ°²È«Ä£Ê½
phpµÄ°²È«Ä£Ê½ÊǸö·Ç³£ÖØÒªµÄÄÚǶµÄ°²È«»úÖÆ£¬Äܹ»¿ØÖÆÒ»Ð©phpÖеĺ¯Êý£¬±ÈÈçsystem()£¬
ͬʱ°ÑºÜ¶àÎļþ²Ù×÷º¯Êý½øÐÐÁËȨÏÞ¿ØÖÆ£¬Ò²²»ÔÊÐí¶ÔijЩ¹Ø¼üÎļþµÄÎļþ£¬±ÈÈç/etc/passwd£¬
µ«ÊÇĬÈϵÄphp.iniÊÇûÓдò¿ª°²È«Ä£Ê½µÄ£¬ÎÒÃǰÑËü´ò¿ª£º
safe_mode = on
(2) Óû§×鰲ȫ
µ±safe_mode´ò¿ªÊ±£¬safe_mode_gid±»¹Ø±Õ£¬ÄÇôphp½Å±¾Äܹ»¶ÔÎļþ½øÐзÃÎÊ£¬¶øÇÒÏàͬ
×éµÄÓû§Ò²Äܹ»¶ÔÎļþ½øÐзÃÎÊ¡£
½¨ÒéÉèÖÃΪ£º
safe_mode_gid = off
Èç¹û²»½øÐÐÉèÖ㬿ÉÄÜÎÒÃÇÎÞ·¨¶ÔÎÒÃÇ·þÎñÆ÷ÍøÕ¾Ä¿Â¼ÏµÄÎļþ½øÐвÙ×÷ÁË£¬±ÈÈçÎÒÃÇÐèÒª
¶ÔÎļþ½øÐвÙ×÷µÄʱºò¡£
(3) °²È«Ä£Ê½ÏÂÖ´ÐгÌÐòÖ÷Ŀ¼
Èç¹û°²È«Ä£Ê½´ò¿ªÁË£¬µ«ÊÇÈ´ÊÇÒªÖ´ÐÐijЩ³ÌÐòµÄʱºò£¬¿ÉÒÔÖ¸¶¨ÒªÖ´ÐгÌÐòµÄÖ÷Ŀ¼£º
safe_mode_exec_dir = D:/usr/bin
Ò»°ãÇé¿öÏÂÊDz»ÐèÒªÖ´ÐÐʲô³ÌÐòµÄ£¬ËùÒÔÍÆ¼ö²»ÒªÖ´ÐÐϵͳ³ÌÐòĿ¼£¬¿ÉÒÔÖ¸ÏòÒ»¸öĿ¼£¬
È»ºó°ÑÐèÒªÖ´ÐеijÌÐò¿½±´¹ýÈ¥£¬±ÈÈ磺
safe_mode_exec_dir = D:/tmp/cmd
µ«ÊÇ£¬ÎÒ¸üÍÆ¼ö²»ÒªÖ´ÐÐÈκγÌÐò£¬ÄÇô¾Í¿ÉÒÔÖ¸ÏòÎÒÃÇÍøÒ³Ä¿Â¼£º
safe_mode_exec_dir = D:/usr/www
(4) °²È«Ä£Ê½Ï°üº¬Îļþ
Èç¹ûÒªÔÚ°²È«Ä£Ê½Ï°üº¬Ä³Ð©¹«¹²Îļþ£¬ÄÇô¾ÍÐÞ¸ÄÒ»ÏÂÑ¡Ï
safe_mode_include_dir = D:/usr/www/include/
Æäʵһ°ãphp½Å±¾Öаüº¬Îļþ¶¼ÊÇÔÚ³ÌÐò×Ô¼ºÒѾдºÃÁË£¬Õâ¸ö¿ÉÒÔ¸ù¾Ý¾ßÌåÐèÒªÉèÖá£
(5) ¿ØÖÆphp½Å±¾ÄÜ·ÃÎʵÄĿ¼
ʹÓÃopen_basedirÑ¡ÏîÄܹ»¿ØÖÆPHP½Å±¾Ö»ÄÜ·ÃÎÊÖ¸¶¨µÄĿ¼£¬ÕâÑùÄܹ»±ÜÃâPHP½Å±¾·ÃÎÊ
²»Ó¦¸Ã·ÃÎʵÄÎļþ£¬Ò»¶¨³Ì¶ÈÉÏÏÞÖÆÁËphpshellµÄΣº¦£¬ÎÒÃÇÒ»°ã¿ÉÒÔÉèÖÃΪֻÄÜ·ÃÎÊÍøÕ¾Ä¿Â¼£º
open_basedir = D:/usr/www
(6) ¹Ø±ÕΣÏÕº¯Êý
Èç¹û´ò¿ªÁ˰²È«Ä£Ê½£¬ÄÇôº¯Êý½ûÖ¹ÊÇ¿ÉÒÔ²»ÐèÒªµÄ£¬µ«ÊÇÎÒÃÇΪÁ˰²È«»¹ÊÇ¿¼ÂǽøÈ¥¡£±ÈÈ磬
ÎÒÃǾõµÃ²»Ï£ÍûÖ´ÐаüÀ¨system()µÈÔÚÄǵÄÄܹ»Ö´ÐÐÃüÁîµÄphpº¯Êý£¬»òÕßÄܹ»²é¿´phpÐÅÏ¢µÄ
phpinfo()µÈº¯Êý£¬ÄÇôÎÒÃǾͿÉÒÔ½ûÖ¹ËüÃÇ£º
disable_functions = system,passthru,exec,shell_exec,popen,phpinfo
Èç¹ûÄãÒª½ûÖ¹ÈκÎÎļþºÍĿ¼µÄ²Ù×÷£¬ÄÇô¿ÉÒԹرպܶàÎļþ²Ù×÷
disable_functions = chdir,chroot,dir,getcwd,opendir,readdir,scandir,fopen,unlink,delete,copy,mkdir, rmdir,rename,file,file_get_contents,fputs,fwrite,chgrp,chmod,chown
ÒÔÉÏÖ»ÊÇÁÐÁ˲¿·Ö²»½Ð³£ÓõÄÎļþ´¦Àíº¯Êý£¬ÄãÒ²¿ÉÒÔ°ÑÉÏÃæÖ´ÐÐÃüÁÊýºÍÕâ¸öº¯Êý½áºÏ£¬
¾ÍÄܹ»µÖÖÆ´ó²¿·ÖµÄphpshellÁË¡£
Ïà¹ØÎĵµ£º
»ù´¡Ìâ
¡¡¡¡1.±íµ¥ÖÐ getÓëpostÌá½»·½·¨µÄÇø±ð?
¡¡¡¡´ð£ºgetÓû§¶Ë½«Êý¾Ý¼Óµ½URLºó£¬¸ñʽΪ”?×Ö¶Î1=ÊäÈëÊý¾Ý1&×Ö¶Î2=ÊäÈëÊý¾Ý2&..."¡£
¡¡¡¡ÓÉÓÚgetÌá½»²ÎÊýºó»áÔÚµØÖ·À¸ÖÐÏÔʾ³öÀ´£¬ËùÒÔ»á²úÉúÑÏÖØµÄ°²È«ÎÊÌâ¡£
¡¡¡¡get´«ÊäµÄÊý¾ÝÁ¿Ð¡£¬get´«ÊäµÄÊý¾ÝÁ¿Ð¡£¬ÕâÖ÷ÒªÊÇÒòΪÊÜurl³¤¶ÈÏÞÖÆ;¶øpost¿ÉÒÔ´«Ê ......
¡¡×î½üÔÚÕÛÌÚ PHP + MYSQL
µÄ±à³Ì¡£Á˽âÁËһЩ PHP SQL ×¢Èë¹¥»÷
µÄ֪ʶ£¬ÓÚÊÇдÁËÕâÆªÎÄÕ¡¡http://www.xiaohui.com/weekly/20070314.htm£¬×ܽáһϾÑé¡£ÔÚÎÒ¿´À´£¬Òý·¢ SQL ×¢Èë¹¥»÷
µÄÖ÷ÒªÔÒò£¬ÊÇÒòΪÒÔÏÂÁ½µãÔÒò£º
¡¡¡¡1. php ÅäÖÃÎļþ php.ini ÖÐµÄ magic_quotes_gpc
Ñ¡ÏîûÓдò¿ª£¬±»ÖÃΪ off
¡¡¡¡2. ¿ª·¢ ......
²½Ö裺
1.ÔËÐÐÃüÁ./ext_skel --extname=sharemem
2.ÔËÐÐÃüÁ./configure --with-php-config=/usr/local/lnmp/php/bin/php-config
3.make clean
make
make install
/usr/local/lnmp/php/sbin/php-fpm restart
/usr/local/lnmp/php/bin/php-cgi /data0/htdocs/blog/sharemem.php
´úÂëÈçÏ£º
1.config.m4
PHP_A ......
PHPµÄÒ»¸öÊý¾Ý¿â²Ù×÷Àà,ÒÔUTF8¸ñʽдÈë,Êý¾Ý¿âÄÚÖ±½ÓÏÔʾÕý³£ÖÐÎÄ,·ÀÖ¹²éѯ³ö´í
/**
* @author xggxnn
* ±¾ÀàÓÃÓÚʵÏÖÓйØÊý¾Ý¿âµÄ·ÃÎÊ
*
*/
class DBConnection {
private $host = "";
private $user = "";
private $pass = "";
private $DBname = "";
public $isConnected = false;
/**
* ¹¹Ôìº ......
ͨѶ¼ÒѾ´óÖÂÍê³ÉÁË£¬µ«Èç¹û¼Ç¼Êý¶àʱ£¬²éÕÒÆðÀ´ºÜ²»·½±ã£¬Èç¹û¼ÓÒ»¸öËÑË÷¹¦ÄܾͺÃÁË¡£½ñÌìÎÒÃǾÍÀ´ÖÆ×÷Ò»¸öËÑË÷¹¦ÄÜ
ÔÚIndex.phpºÏÊʵĵط½¼ÓÈëËÑË÷¿ò
<!---ËÑË÷¿ò--->
<!--ÕâÀïµÄËùÓÐÖµÇ°Ãæ¼Óǰ׺“S_”ÒÔÇø·Ö-->
<form id="form1" name="form1" method="post" action="Search.php ......