The answer is: when the server uses the php feature (function) to include any file, the source of the file to be included is not strictly filtered, so that it can contain a malicious file, we can construct this malicious file to achieve the evil
PHP obtains the path, name, and server path of the file running before the current period. & lt ;? Phpecho displays the relative path and file name of the script file :. $ _ SERVER [PHP_SELF]. & lt; br & gt; echo display the CGI script
PHP obtains the path, name, and server path of the file running before the current period. & lt ;? Phpecho "shows the relative path and file name of the script file :\"". $ _ SERVER ["PHP_SELF"]. "\" & lt; br & gt; "; echo" display the CGI script
For example, just record the uncertain path contained in PHP:
This is caused by the include path of PHP. Test it by yourself and summarize it as follows.
DefinitionA = include file B = file included by a c = file included by B That is to say, a
PHP Tutorial Configuration Chinese Narration
Let's see what you see, php.ini.
[PHP]
;;;;;;;;;;;; WARNING;;;;;;;;;;;;; This is the default settings file for new PHP installations.; By default, PHP installs itself with a configuration suitable for;
Analysis of the relationship between the absolute path and relative path of php. Php does not seem to use "" to represent the root directory as asp does. Instead, it uses $ _ SERVER [DOCUMENT_ROOT]. Others are the same:... to represent the upper
1. What is "Remote File Inclusion Vulnerability "?The answer is: when the server uses the php feature (function) to include any file, the source of the file to be included is not strictly filtered, so that it can contain a malicious file, however,
The pool of PHP-FPM
To avoid using the same pool for multiple sites, a separate pool for each site needs to be configured if one site's traffic is too large to cause problems with resource exhaustion, which in turn affects the normal operation
Php command line (cli) to execute the relative path of the PHP script file. Php command line (cli) to execute the relative path of the PHP script file. the working directory of the Execution Environment (getcwd () is the relative path of the php
Summary of php application path variables. Local server, domain name d.com, root path D: phpnowvhostsd.com. yii, with the requeir_onceaa.php file in the x. php code in the root directory, and aa. php requeir_onceabb.php
Local server, domain
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.