下载首页 | 资讯中心 | 下载分类 | 最近更新 | 排 行 榜 | 国产软件 | 国外软件 | 汉化补丁 |
文章搜索: 分类 关键字 收藏本站设为首页
您的位置:首页网页设计ASP程序 → PHP预定义变量__教程
PHP预定义变量__教程
日期:2007-5-9 18:50:32 人气:704     [ ]
上一页 [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14]
[15] [16] [17] [18] [19] [20] [21] [22]
下一页

This occurred on Windows 2000 server running IIS 5.0 and PHP 4.3.8.  The problem did not occur when handled by Apache, even on another Windows server.

Note: I realize passing this much data is best accomplished using the POST method, which would avoid this problem all together. I'm merely detailing a problem that I came across.

I have created a page that includes the (very long) query string that was used and some of the results that I saw while testing. It can be viewed at http://www.csb7.com/test/php_iis_qs_limit/. I didn't want to include it here as it would stretch the page out significantly.

~Chris Bloom
mfyahya at gmail dot com
07-Jun-2005 09:33
If you use Apache's redirection features for custom error pages or whatever, the following Apache's REDIRECT variables are also available in $_SERVER:
$_SERVER['REDIRECT_UNIQUE_ID]'
$_SERVER['REDIRECT_SCRIPT_URL]'
$_SERVER['REDIRECT_SCRIPT_URI]'
$_SERVER['REDIRECT_SITE_ROOT]'
$_SERVER['REDIRECT_SITE_HTMLROOT]'
$_SERVER['REDIRECT_SITE_CGIROOT]'
$_SERVER['REDIRECT_STATUS]'
$_SERVER['REDIRECT_QUERY_STRING]'
$_SERVER['REDIRECT_URL]'

I'm not sure if this is a complete list though
mp at wds-tech dot de
02-Jun-2005 03:12
Also aviable is the $_SERVER['SERVER_ADDR'] which returns the current IP of the server the script is running on.
webKami (et) AKDomains.com
24-May-2005 02:47
PHP Secure Class to prevent XSS Attacks

Although this is not bullet proof but it would give you an idea on how to filter incoming data.

Copyleft : LGPL
Idea by: phpsec GROUP @ PHP|arch

Coded By: webKami

For those who are new to PHP and just heard of XSS attacks, this is the basic rule.

"NEVER EVER TRUST EXTERNAL DATA"

For this purpose I have coded a class that can be used to filter all external data, from POST, GET, COOKIE and even your own arrays.

An example is that if you need only integers from a certain parameter just request for integer
e.g. getVarInt("id")

You can even tell it to give you a default value if param is not set, so that your page would not FAIL in case of a NULL value
e.g. getVarInt("id",1)

You can also fetch data from a param array, like a set of colors
e.g. getVarInt("colors",0,0)
e.g. getVarInt("colors",0,1)

Get these variables in a loop limited by the count of that array's elements
e.g. getVarCount("colors")

The complete code of class and its usage can be found here

http://www.webkami.com/programming/php/php-secure-class-to-avoid-xss

出处:本站原创 作者:佚名
 阅读排行
01.精美qq空间横幅代码
02.最酷qq个性女生网名
03.最新又有免费QQ秀啦《..
04.巧用透明FlaSh扮靓你的..
05.花之神匠代码(最新代码..
06.最新QQ空间免费导航
07.最新免费个人形象设置..
08.最新qq空间flash代码m..
09.CSS技术结合图像实现动..
10.Photoshop光影魔术师:..
11.QQ音速种子狂刷
12.最新QQ空间透明代码
13.PS实例教程:教你制作结..
14.Photoshop光影魔术师:..
15.制作背景图__教程
16.用Photoshop制作漂亮的..
17.如何获得QQ音速种子
18.≤QQ空间代码≥在日志..
19.网页浮动广告的制作代..
20.用Photoshop制作大红灯..
21.常用CSS
22.Photoshop给靓丽美女打..
 推荐文章
·Photoshop 表现技法之..
·快速将你的相片矢量化..
·PHOTOSHOP制作炽热的太..
·用Photoshop制作美丽的..
·流行杀手的娃娃工厂__..
·打造8号台球__教程
·PHOTOSHOP制作待机MM图..
·用Photoshop帮MM做纹身..
·PHOTOSHOP美眉着色绝招..
·PHOTOSHOP花露的制作_..
·PHOTOSHOP渐变工具的巧..
·PHOTOSHOP手绘奥兰多-..
·高难度抠图两种方法__..
·Photoshop高尔夫球的制..
·Photoshop打造精美玉佩..
Eqxia_COM下载站 版权所有 Copyright© 2001-2005 Www.eqxia.COM, All Rights Reserved.