search

Home >Backend Development >PHP Tutorial >方维源码,获取当前脚本为false 系统报错request_tainting 问题

方维源码,获取当前脚本为false 系统报错request_tainting 问题

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOriginal
2016-06-06 20:48:281230browse

<code>$_FANWE['php_self'] = htmlspecialchars(getPhpSelf());
if($_FANWE['php_self'] === false)
        systemError('request_tainting');
</code>

$_FANWE是个全局变量,getPhpSelf()函数是获取当前脚本的函数,程序大大们,到底什么样的场景才会触发这个报错呢,不明白,恳请指明

附:

<code>function getPhpSelf()
{
    $php_self = '';
    $script_name = basename($_SERVER['SCRIPT_FILENAME']);
    if(basename($_SERVER['SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['SCRIPT_NAME'];
    else if(basename($_SERVER['PHP_SELF']) === $script_name)
        $php_self = $_SERVER['PHP_SELF'];
    else if(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['ORIG_SCRIPT_NAME'];
    else if(($pos = strpos($_SERVER['PHP_SELF'],'/'.$script_name)) !== false)
        $php_self = substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$script_name;
    else if(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT']) === 0)
        $php_self = str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
    else
        return false;
    return $php_self;
}
</code>

回复内容:

<code>$_FANWE['php_self'] = htmlspecialchars(getPhpSelf());
if($_FANWE['php_self'] === false)
        systemError('request_tainting');
</code>

$_FANWE是个全局变量,getPhpSelf()函数是获取当前脚本的函数,程序大大们,到底什么样的场景才会触发这个报错呢,不明白,恳请指明

附:

<code>function getPhpSelf()
{
    $php_self = '';
    $script_name = basename($_SERVER['SCRIPT_FILENAME']);
    if(basename($_SERVER['SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['SCRIPT_NAME'];
    else if(basename($_SERVER['PHP_SELF']) === $script_name)
        $php_self = $_SERVER['PHP_SELF'];
    else if(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['ORIG_SCRIPT_NAME'];
    else if(($pos = strpos($_SERVER['PHP_SELF'],'/'.$script_name)) !== false)
        $php_self = substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$script_name;
    else if(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT']) === 0)
        $php_self = str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
    else
        return false;
    return $php_self;
}
</code>

应该是服务器配置异常的时候。就会出现那个错误了。

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:linux - PHP GnuPG迁移问题Next article:apache2.2 - 为什么Mod_php的性能不及php-fpm

Related articles

See more