Principles of PHP pseudo-static technology and breakthrough principles

Source: Internet
Author: User
Tags havij
First, let's talk about the implementation method: inj. php: [php] & lt ;? Phpset_time_limit (10); $ id = $ _ GET [& quot; id & quot;]; $ id = str_replace (& quot;, & quot; % 20 & quot;, $ id); $ id = str_replace (& quot; = & quot;, & quot;

First, the implementation method is as follows:
Inj. php:
[Php]
Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.
 
$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>

Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.

$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>
Use wamp to build a server, put inj. php in wamp/www/, and then run http: // 127.0.0.1/inj. php in Havij? Id = 1


==================================
PHP pseudo-static implementation method 1 (using the functions of the Apache server)

1. check whether Apache supports mod_rewrite.
2. enable Apache to support. htaccess
3. create a. htaccess file
4. rules:
RewriteEngine on
RewriteRule (%a-za-z%}1,%}-(%0-9%}1,%}.html $ index. php? Action = $1 & id = $2
([A-zA-Z] {1,})-([0-9] {1,}) What is the URL length?
$1 is ([a-zA-Z] {1,}) matched
$2 is matched by [0-9] {1 ,}
For example: www.xx.com/page-18.html
The actual URL is as follows:
Action = page
Id = 18

======================================
PHP pseudo-static implementation method 2 (encoding implementation)

$ Php2Html_FileUrl = $ _ SERVER ["REQUEST_URI"]
Echo $ Php2Html_FileUrl

Example: // localhost/php100/test. php? Id | 1 @ action | 2

[Php]
$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */
 
Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}

$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */

Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}


======================================
PHP pseudo-static implementation method 3 (encoding implementation)
Example: localhost/php100/test. php/1/2
[Php]
$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;
 
If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {

$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];

// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;

$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}

$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;

If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {

$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];

// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;

$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}


======================================
PHP pseudo-static implementation method 4 (encoding implementation)
[Php]
Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]

$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );

$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html

$ Vars = explode ("/", $ nav );
Print_r ($ vars );

For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}

Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]

$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );

$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html

$ Vars = explode ("/", $ nav );
Print_r ($ vars );

For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}


======================================
PHP pseudo-static implementation method 5 (encoding implementation)
Example:/, 8630.html
[Php]
If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";

If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";

 


Conclusion: (1) the pseudo-static technology is a good breakthrough. you need to construct a transit injection page by yourself.

(2) The Principles of pseudo-static technology are very simple, that is, the original index. php? Id = 1.

 

 

First, the implementation method is as follows:
Inj. php:
[Php]
Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.
 
$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>

Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.

$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>
Use wamp to build a server, put inj. php in wamp/www/, and then run http: // 127.0.0.1/inj. php in Havij? Id = 1


==================================
PHP pseudo-static implementation method 1 (using the functions of the Apache server)

1. check whether Apache supports mod_rewrite.
2. enable Apache to support. htaccess
3. create a. htaccess file
4. rules:
RewriteEngine on
RewriteRule (%a-za-z%}1,%}-(%0-9%}1,%}.html $ index. php? Action = $1 & id = $2
([A-zA-Z] {1,})-([0-9] {1,}) What is the URL length?
$1 is ([a-zA-Z] {1,}) matched
$2 is matched by [0-9] {1 ,}
For example: www.xx.com/page-18.html
The actual URL is as follows:
Action = page
Id = 18

======================================
PHP pseudo-static implementation method 2 (encoding implementation)

$ Php2Html_FileUrl = $ _ SERVER ["REQUEST_URI"]
Echo $ Php2Html_FileUrl

Example: // localhost/php100/test. php? Id | 1 @ action | 2

[Php]
$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */
 
Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}

$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */

Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}


======================================
PHP pseudo-static implementation method 3 (encoding implementation)
Example: localhost/php100/test. php/1/2
[Php]
$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;
 
If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {

$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];

// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;

$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}

$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;

If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {

$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];

// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;

$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}


======================================
PHP pseudo-static implementation method 4 (encoding implementation)
[Php]
Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]

$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );

$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html

$ Vars = explode ("/", $ nav );
Print_r ($ vars );

For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}

Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]

$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );

$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html

$ Vars = explode ("/", $ nav );
Print_r ($ vars );

For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}


======================================
PHP pseudo-static implementation method 5 (encoding implementation)
Example:/, 8630.html
[Php]
If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";

If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";

 


Conclusion: (1) the pseudo-static technology is a good breakthrough. you need to construct a transit injection page by yourself.

(2) The Principles of pseudo-static technology are very simple, that is, the original index. php? Id = 1.

 

 

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.