How can I use cookies to prevent user feedback? Today it's okay to go to a link to Phoenix! & Nbsp; click the jsalert button directly. how can I use cookies to prevent user feedback?
Today's Nothing blind point to a link to the Phoenix net http://yue.ifeng.com/y/detail_2011_12/07/11160676_0.shtml
The content in the comment box is: civilized Internet access, login comment!
Click js alert and enter the comment.
Click the text box to change the content to: log on first and then post a comment.
Click the button to submit it.
The latest comment on the page is displayed. Then I copied some html
HTML code
You can submit it.
Then I thought of using curl post to simulate the form effect, but failed to try it. it may be missing something.
PHP code
Header ("content-type: text/html; charset: UTF-8;");/* chId 21202 content mmmmmmmdocid 11160676 docName Wu Zhuoxi's girlfriend Zhang Xinyu's large-scale underwear selfie hot exposure docUrl http://yue.ifeng.com/y/detail_2011_12/07/11160676_0.shtml */$ Url =" http://comment.ifeng.com/post.php "; // $ Url =" http://localhost/php/index.php "; $ Data = array ('content' => 'xxxxxxxxxxoooooooooooooo ', 'docid' => 11160676, 'docname' => 'Wu Zhuoxi's girlfriend Zhang Xinyu's big-scale underwear selfies hot exposures ', 'docurl' =>' http://yue.ifeng.com/y/detail_2011_12/07/11160676_0.shtml ', 'Chid' => 21202); $ ret = http_post ($ url, $ data); var_dump ($ ret); function http_post ($ url, $ data) {$ ch = curl_init (); curl_setopt ($ ch, CURLOPT_HEADER, 1); curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ ch, CURLOPT_URL, $ url ); curl_setopt ($ ch, CURLOPT_POST, 1); $ data = http_build_query ($ data); curl_setopt ($ ch, CURLOPT_POSTFIELDS, $ data); curl_setopt ($ ch, CURLOPT_REFERER ," http://yue.ifeng.com/y/detail_2011_12/07/11160676_0.shtml "); $ Cookie =" userid = 1324252473389_2814 "; curl_setopt ($ ch, CURLOPT_COOKIE, $ cookie); $ rs = curl_exec ($ ch); curl_close ($ ch ); return $ rs ;}
The problem is:
1. the person's profile picture in the comments is gray, and the normal picture is gray. I changed the browser, opened the link, and did not see the content of the irrigation. then I used the firebug firecookie plug-in to check the cookie and found that there was a userid and cmtids. one cmtids and one more cmtids.
Http://comment.ifeng.com/view.php? Export & doc_name = % E5 % 90% B4 % E5 % 8D % 93% E7 % BE % B2 % E5 % A5 % B3 % E5 % 8F % 8B % E5 % BC % A0 % E9 % A6 % A8 % E4 % BA % 88% E5 % AE % B6 % E4 % B8 % AD % E5 % A4 % A7 % E5 % B0 % BA % E5 % BA % A6 % e5 % 86% 85% E8 % A1 % A3 % E8 % 87% AA % E6 % 8B % 8D % E7 % 85% A7 % E7 % 81% AB % E8 % BE % A3 % E6 % 9B % 9D % E5 % 85% 89 & ishot = no
Userid = 1323533123324_5513
After submitting the preceding html file, the following error occurs: cmtids = 45583 again cmtids = 45583_45612.
The cookie is cleared.
2. Why do I need to save such a comment? Since it is necessary to log on before commenting... Why does js fail to judge whether a false comment is displayed on the latest comment page?
The younger brother is not very easy to learn. I hope you can help me analyze it... GA
------ Solution --------------------
I just went to see it and submitted it directly. This website is really loose ......
If curl is not accepted, it is likely that the server still has some additional requirements (such as specific cookies). We recommend that you check the HTTP data stream when submitting the webpage, then, we should be able to simulate it with curl.