Look at someone else's anti-attack code that has this line:
empty($_SERVER['HTTP_VIA']) or exit('Access Denied');
What's the effect?
Reply content:
Look at someone else's anti-attack code that has this line:
empty($_SERVER['HTTP_VIA']) or exit('Access Denied');
What's the effect?
The landlord may be puzzled by the problem of or
This kind of writing is a commonly used procedural technique of PHP.
A or B, as long as AB has one satisfying true, it executes the following statement immediately.
When a is not true, or is not immediately determined, it also needs to go down to the second condition B, and the result B will exit directly, so it looks a little more concise than the IF statement. In other words, if a is true, then access denied will not be executed.
In fact, the main use of the following points:
Or with left-to-right binding
In the or condition, only one condition is true, then the remaining condition is not judged, and the code snippet in the braces is executed directly.
This is more beautiful than if (empty (XXX)) {xxxx}
If there is any mistake, please correct me.
Prevent users from running to this program in the right way.
$_SERVER['HTTP_VIA']
Is the proxy server address, that is, if the user is accessed through a proxy, it will exit directly and will not continue to execute. This is a measure to ensure security.
The proxy server IP is not empty when exiting the current program and outputting Access Denied
to prevent external attacks.