本文介绍了发送带有表单提交的PHP文件系统函数的变量的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试找到一种安全的方法来进行以下操作:
I'm trying to find a secure way to do the following:
- 用户以html形式输入值.
- 表单已提交.
- PHP使用提交的值作为"scandir"函数的参数.
我的理论是php脚本中包含逻辑,该逻辑禁止绝对路径,并要求目录名称包含某个值.
My theory is include logic in the php script that forbids absolute paths and requires the directory name to include a certain value.
我担心的是,黑客可能会使用我的表单来提交自己的价值并访问敏感文件.
My concern is that a hacker could use my form to submit his own value and access sensitive files.
这是针对JQuery插件的.我不希望用户必须修改PHP文件.
This is for a JQuery plugin. I don't want users to have to modify the PHP file.
如何破解以下代码?
<?php
$foo = $_POST["some_directory"];
//validate $foo
//make sure path to directory is relative
$foo_url_test = parse_url($foo);
if (isset($foo_url_test['scheme']) || isset($foo_url_test['host'])) {
$foo = NULL;
}
//make sure the directory name contains 'bar123'
$foo_name_test = preg_split('_[\\\\/]_', $foo);
$foo_name_test = end($foo_name_test);
$foo_name_test = strpos($foo_name_test,'bar123');
if ($foo_name_test === false) {
$foo = NULL;
}
//make sure the path does not contain '..'
$foo_dot_dot_test = strpos($foo,'..');
if ($foo_dot_dot_test == TRUE || $foo_dot_dot_test === 0) {
$foo = NULL;
}
//get files
$files_array = scandir($foo);
?>
推荐答案
您可能想看看 realpath().
$foo = realpath($foo);
if (substr($foo, 0, 8) != '/my/path') {
return false;
}
...或类似的东西.
...or something like that.
这篇关于发送带有表单提交的PHP文件系统函数的变量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!