The magic of include, Implementing path encryption _php Tutorial

Source: Internet
Author: User
1. Transit procedure Include.inc
Include_once ' include/base.php ';
$path = ";
$url = isbase::d ecrypt (UrlDecode ($_server[' query_string '));
Parse_str ($url); Gets the variable passed over the URL address get
if (!empty ($_post[' path ')) {//Gets the variable passed by POST
$path = $_post[' path '];
$path = isbase::d ecrypt (UrlDecode ($path));
}
Parse the real path
if (empty ($path)) {
Header ("Location:login.php");
Exit
}
if (!preg_match ("/(^http:/) | ( [?| &|=])/", $path)) {
Jump to the path of the actual execution file
ChDir (DirName ($path));
Include_once basename ($path);
Exit
}
?>
index.php and include.inc the same directory
Include Include.inc;
?>
2. Modify the link in the program ()
"Index.php?". Encrypt ("path=/test/test.php&test=123&test2=4321")
3. Modify the Post form in the program
The form is submitted to index.php
Add a hidden form in the middle
4. Modify the path of the front-end HTML page
Baseref=/test
5. The add and decrypt functions are provided by themselves
Summary:
This method is cumbersome, can only hide the path of the background script, the front-end script path can still be seen in the source file (Baseref)
in the address bar see the address is index.php?xxxxxxxx

http://www.bkjia.com/phpjc/629785.html www.bkjia.com true http://www.bkjia.com/phpjc/629785.html techarticle 1. Transit program Include.inc? Include_ Once ' include/base.php '; $path = "; $url = isbase::d ecrypt (UrlDecode ($_server[' query_string ')); Parse_str ($url); Get passed by URL address get ...

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.