First of all, the name of the PHP variable naming rules, Baidu next catch a lot:
(1) PHP variable names are case-sensitive;
(2) The variable name must start with the dollar sign $;
(3) The beginning of the variable name can begin with an underscore;
(4) The variable name cannot begin with a numeric character.
In fact, all programming similar naming conventions are:
1. The first character of a variable is preferably a letter or _ and cannot begin with a number
2. The second character begins to allow numbers, letters, _
Well, that's pretty much it, but that's not the point we're talking about.
Today we are talking about the available characters of PHP variables, not just numbers, letters, _ Oh.
A few days ago QQ on a friend sent me a shell, is encrypted, whole garbled, but there are comments, called "God Shield Encryption" good domineering look.
It uses some of the more uncommon knowledge points, the most obvious is the variable name, so today we start with the variable.
Of course, I didn't find any authoritative material on the Internet. Strong description of the PHP variable name available characters information, so I can only test myself. (Bad English, no way Google to favorable evidence)
First look at the method I'm using (if you have a better way, you want to share it.) )
< span="">< span="">(< span="">[< span="">'chr '< span="">< span=""> < span="">< span="">('$'. < span="">." = 1; " < span=""> ' OK ' < span=""> < span=""> < span=""> < span=""> ?>
Test
The code is relatively simple, and the PHP section is only responsible for parsing each character as a variable name and whether the result of the execution will throw an overflow.
For example, the character a will parse < span=""> (' $a =1; '); The result is sure to be fine, so no exception is thrown, and the result is the OK character.
If the character-then it will parse < span=""> (' $-=1; '); This is obviously wrong, so it throws < span=""> : syntax error, Unexpected '-', expecting t_variable or ' $ ' and OK characters.
And the following Ajax part is the use of the return result is ' OK ' to determine whether it is a valid variable name.
Let's see what happens after the execution:
"\x41, \x42, \x43, \x44, \x45, \x46, \x47, \x48, \x49, \x4a, \x4b, \x4c, \x4d, \x4e, \x4f, \x50, \x51, \x52, \x53, \x54, \ X55, \x56, \x57, \x58, \x59, \x5a, \x5f, \x61, \x62, \x63, \x64, \x65, \x66, \x67, \x68, \x69, \x6a, \x6b, \x6c, \x6d, \x6 E, \x6f, \x70, \x71, \x72, \x73, \x74, \x75, \x76, \x77, \x78, \x79, \x7a, \x7f, \x80, \x81, \x82, \x83, \x84, \x85, \x86, \x87, \x88, \x89, \x8a, \x8b, \x8c, \x8d, \x8e, \x8f, \x90, \x91, \x92, \x93, \x94, \x95, \x96, \x97, \x98, \x99, \x9a, \ x9b, \x9c, \x9d, \x9e, \x9f, \xa0, \xa1, \xa2, \xa3, \xa4, \xa5, \xa6, \xa7, \xa8, \xa9, \xaa, \xab, \xac, \xad, \xae, \xa F, \xb0, \xb1, \xb2, \xb3, \xb4, \xb5, \xb6, \xb7, \xb8, \XB9, \xba, \xbb, \XBC, \XBD, \xbe, \XBF, \xc0, \xc1, \xc2, \xc3, \xc4, \xc5, \xc6, \xc7, \xc8, \xc9, \xca, \XCB, \XCC, \xcd, \xce, \XCF, \xd0, \xd1, \xd2, \xd3, \xd4, \xd5, \xd6, \xd7, \ Xd8, \XD9, \xda, \xdb, \xdc, \xdd, \xde, \XDF, \xe0, \xe1, \xe2, \xe3, \xe4, \xe5, \xe6, \xe7, \xe8, \xe9, \xea, \xeb, \xe C, \xed, \xee, \xef, \XF0, \xf1, \xf2, \xf3, \xf4, \xf5, \xf6, \xf7, \xf8, \xf9, \xfa, \XFB, \XFC, \xfd, \xfe, \xff "
After finishing found that this is the 16 data, of course, do not understand it's okay to look at the results after escaping:
"A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z, _, A, B, C, D, E, F, G, H, I, J, K, L, M, N , O, p, Q, R, S, T, U, V, W, X, Y, Z,,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,? ,?,?,?,?, , ¡,¢,£,¤,¥,¦,§,¨,©,ª,«,¬,, ®,¯,°,±,²,³,´,µ,¶,,¸,¹,º,»,¼,½,¾,¿,à,á,â, Ã,ä,å,æ,ç,è,é,ê,ë,ì,í,î,ï,ð,ñ,ò,ó,ô,õ,ö,x,ø,ù,ú,û,ü,ý,þ,ß,à,á,â,ã,ä,å,æ,ç,è,é,ê,ë, Ì,í,î,ï,ð,ñ,ò,ó,ô,õ,ö,÷,ø,ù,ú,û,ü,ý,þ,ÿ "
In addition to the previous a-z_a-z is familiar to us, the back of those messy things can also be used as a normal variable name, simply incredible. The
is actually just PHP expands the character range of the variable name, above the a-z_a-z, the variable usable character range extends to the \x7f-\xff.
Therefore, the first character range should be
So if the second character is also so, we continue the test. The
(' $ ') in the PHP code above. . " =1; "); Change to (' $a '. ." =1; "); Save test,
"\x9, \xa, \xd, \x20, \x30, \x31, \x32, \x33, \x34, \x35, \x36, \x37, \x38, \x39, \x41, \x42, \x43, \x44, \x45, \x46, \x47 , \x48, \x49, \x4a, \x4b, \x4c, \x4d, \x4e, \x4f, \x50, \x51, \x52, \x53, \x54, \x55, \x56, \x57, \x58, \x59, \x5a, \x5f, \x61, \x62, \x63, \x64, \x65, \x66, \x67, \x68, \x69, \x6a, \x6b, \x6c, \x6d, \x6e, \x6f, \x70, \x71, \x72, \x73, \x74, \x \x76, \x77, \x78, \x79, \x7a, \x7f, \x80, \x81, \x82, \x83, \x84, \x85, \x86, \x87, \x88, \x89, \x8a, \x8b, \x8c, \x8d , \x8e, \x8f, \x90, \x91, \x92, \x93, \x94, \x95, \x96, \x97, \x98, \x99, \x9a, \x9b, \x9c, \x9d, \x9e, \x9f, \xa0, \xa1, \xa2, \xa3, \xa4, \xa5, \xa6, \xa7, \xa8, \xa9, \xaa, \xab, \xac, \xad, \xae, \xaf, \xb0, \xb1, \xb2, \xb3, \xb4, \xb5, \x B6, \xb7, \xb8, \XB9, \xba, \xbb, \XBC, \XBD, \xbe, \XBF, \xc0, \xc1, \xc2, \xc3, \xc4, \xc5, \xc6, \xc7, \xc8, \XC9, \xca , \XCB, \XCC, \xcd, \xce, \XCF, \xd0, \xd1, \xd2, \xd3, \xd4, \xd5, \xd6, \xd7, \xd8, \xd9, \xda, \xdb, \xdc, \XDD, \xde, \XDF, \xe0, \xe1, \xe2,\xe3, \xe4, \xe5, \xe6, \xe7, \xe8, \xe9, \xea, \xeb, \xec, \xed, \xee, \xef, \xf0, \xf1, \xf2, \xf3, \xf4, \xf5, \xf6, \x F7, \xf8, \xf9, \xfa, \XFB, \XFC, \xfd, \xfe, \xff "
found that the results of a lot of characters, in fact, some of us are < span=""> to be removed, such as in fact, is a space, equivalent < span=""> (' $a =1; ') , it is, of course, can be carried out normally.
In addition to the space, there are \t\r\n are removed because these are also PHP syntax< span="">said to< span="">allow \t=< span="">, \n=, \r=, So we're going to get rid of the first 4 < span=""> data < span=""> < span=""> < span=""> in the results,,,
The end result is just a lot of \x30, \x31, \x32, \x33, \x34, \x35, \x36, \x37, \x38, \x39 people who are familiar with ASCII may have seen it at one glance, which is the number< span="">
So the first character range should < span=""> be to the regular is not ripe may feel how not < span=""> , actually \w is 0-9a-za-z_
Maybe someone would say $< span="">; ${< span="">}; such a variable?
I think this is out of the scope of the variable name, isn't it.
OK, about the PHP variable available characters of the knowledge point sharing is complete, if there is any wrong, please leave a message, I will promptly correct to avoid misleading everyone.
My guess: ASCII range 0-127 (< span="">< span="">-), Latin1 range 0-255 (< span="">-< span="">), Perhaps PHP is to extend the scope to the Latin1 character set, of course, I have not read the PHP source code, can only be said to be a conjecture.
After @holine remind, I went to turn over the official website Handbook, sure enough to find, well, I also took so much effort to test,
View Data http://www.php.net/manual/zh/language.variables.basics.php
http://www.bkjia.com/PHPjc/755382.html www.bkjia.com true http://www.bkjia.com/PHPjc/755382.html techarticle first of all, the name of the PHP variable naming rules, Baidu next catch a lot: (1) PHP variable names are case-sensitive; (2) The variable name must start with the dollar sign $; (3) Variable name can be underlined at the beginning ...