PHP functions: pseudo-static URLs, MVC single entry, and file upload security vulnerabilities
Pseudo-static URLs can also be implemented with ordinary PHP functions.
The following two functions are used to build and parse pseudo-static URLs:

    function MakeUrl($arr) {
        $url = array();
        foreach ($arr as $key => $value) {
            $url[] = $key . "_" . $value;
        }
        $tmpurl = implode("_", $url);
        return $tmpurl . ".htm";
    }

    function ParseUrl() {
        if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] != "") {
            $pathinfo = substr($_SERVER['PATH_INFO'], 1);      // drop the leading "/"
            $pathinfo = str_replace(".htm", "", $pathinfo);    // drop the fake ".htm" suffix
            $path = explode("_", $pathinfo);                   // key_value_key_value ...
            $count = count($path);
            for ($i = 0; $i < $count; $i += 2) {
                // pairs of (key, value); an unpaired trailing key gets an empty value
                $_GET[$path[$i]] = isset($path[$i + 1]) ? $path[$i + 1] : "";
            }
        }
    }

    // Usage: build the link placed on the page
    $path = "http://www.tiaotiaola.com/blog.php/";
    $path .= MakeUrl(array('blogid' => 2, 'page' => 1));
    // The two lines above generate the URL used on the page:
    // http://www.tiaotiaola.com/blog.php/blogid_2_page_1.htm
    // When that page is browsed, call ParseUrl() and the parameters can then be read directly from $_GET.
Of course, many MVC frameworks support this kind of function. However, the two functions above are not necessarily implemented the way an MVC framework does it.
In fact, this is not only required for pseudo-static URLs; it is also a required function of MVC, because the so-called single entry point in MVC is implemented by exactly this mechanism.
We can see many websites with links like http://www.tiaotiaola.com/s/2/3/4/5.html
Such a link is actually handled by .htaccess or URL rewriting. Before rewriting, the request is: http://www.tiaotiaola.com/s.php/2/3/4/5.html
s.php must be the MVC entry file.
This means that a request such as s.php/2/3/4/5.html is executed by the PHP file s.php, with the rest of the path passed to it.
File upload vulnerability. As mentioned at the beginning of this article, some.php.png will be executed as PHP; this is actually caused by a certain type of server configuration error.
For a file named some.php%3Fpng (that is, some.php?png), even if such a file exists, it is not accessible because of Apache's security handling.
Of course, some.png.php cannot be uploaded to the server.
However, this does not mean that uploading is completely secure. There is still the attack of embedding a URL in the uploaded file name. The solution to this URL-embedding attack is as follows:
Rename all uploaded files; that is, do not keep the original file name. If you must keep it, remove "." from the file name along with any other potentially harmful syntax.
We recommend not saving the original file name at all: hash the original file name with md5 or sha, and, to distinguish uploads by time, add a timestamp, so that the generated file name consists purely of a-z0-9 characters. Then add the original extension.
Another aspect: if an attacker already has shell access to your server, then some.php.png can be executed. From this point of view, the key is not to control the upload side, but to secure the server configuration against remote scripts being run.
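The renaming scheme above, as an added example that is not the article's own code (the function name safeUploadName and the extension allow-list are assumptions): the original name is only used as hash input, a timestamp is appended, and the stored name is restricted to a-z0-9 plus one allow-listed extension.

```php
<?php
// Added example, not from the original article: build a safe storage name for an
// uploaded file following the advice above. The function name and the allow-list
// of extensions are assumptions for this example.

function safeUploadName($originalName, $timestamp = null) {
    // Only store files whose last extension is one we expect to serve as static content.
    $allowed = array('png', 'jpg', 'jpeg', 'gif');

    // pathinfo() returns the text after the last dot of the base name:
    // "some.php.png" gives "png", "some.png.php" gives "php".
    $ext = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
    if ($ext === '' || !in_array($ext, $allowed, true)) {
        return false;   // reject: no extension, or an extension that is not allow-listed
    }

    // Never keep the original name: hash it, and add the upload time so that two
    // uploads with the same name do not collide.
    $ts   = ($timestamp === null) ? time() : (int) $timestamp;
    $stem = sha1($originalName . $ts) . $ts;   // hex digest followed by the decimal timestamp

    // Defensive filter: anything that is not a-z0-9 is dropped (nothing should match,
    // since sha1 output is lowercase hex and the timestamp is digits).
    $stem = preg_replace('/[^a-z0-9]/', '', $stem);

    return $stem . '.' . $ext;
}

// Constructed sample names for demonstration (fixed timestamp so runs are repeatable)
$samples = array(
    'some.php.png',             // last extension png: stored under a hashed name, ".php" does not survive
    'some.png.php',             // last extension php: rejected
    '../../evil.php%00.png',    // path and null-byte tricks only feed the hash; last extension png
    'noextension',              // rejected
);
foreach ($samples as $name) {
    $result = safeUploadName($name, 1300000000);
    echo str_pad($name, 24) . ' => ' . ($result === false ? 'REJECTED' : $result) . PHP_EOL;
}
```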
----------------------------------------
Note: Thanks to aweber, in the first comment below, for pointing out the error in the text. When this article was published, some of its points had not been confirmed by a full test.
Aweber
"PHP has a puzzling feature: if the file name contains ".php", the PHP engine will automatically be called to process it as a PHP script."
This sentence is incorrect. Which program is used to process a request with a given suffix is set in the web server (apache, nginx).
For example, apache can set it with the Action directive:
Action application/x-httpd-php "/php/php-cgi.exe" This directive says that when a request for the application/x-httpd-php media type arrives, /php/php-cgi.exe is used to handle that request.
In addition, you can use AddType to establish the mapping between a suffix and a media type.
With AddType application/x-httpd-php .php, a request whose suffix is .php is considered to be of the application/x-httpd-php type,
so in the same way you can set
AddType application/x-httpd-php .example, and when xxx.example is requested, that file will also be parsed as a PHP file.