search
Homephp教程php手册php HTTP_REFERER函数的使用用法

php HTTP_REFERER函数的使用用法

Jun 13, 2016 am 11:18 AM
httpphprefererusefunctionjudgmentuseTutorialusageof

 

利用php教程的http_referer函数来判断用户的来路,这是简单了,
实例

            if (isset($_SERVER['HTTP_REFERER'])) {
                    print "The page you were on previously was {$_SERVER['HTTP_REFERER']}
";
            } else {
                    print "You didn't click any links to get here
";
            }
    ?>

    Click me!

下面我们让用户不知道我们的来路处理
实例

]$host = "www.123cha.com";
$referer = "http://".$host;
$fp = fsockopen ($host, 80, $errno, $errstr, 30);
if (!$fp){
        echo "$errstr ($errno)
;n";
}else{
$request = "
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */"."*
Referer: http://$host
Accept-Language: zh-cn
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Host: $host
Connection: Close"
."rnrn";


fputs ($fp, "$request");
while (!feof($fp))
{
   $res[] = fgets($fp,1024);
}
$html = join("",$res);
fclose ($fp);
$fp = file_put_contents("123cha.html",$html);
echo "done";
}[/code]

这不就行了?

不过很奇怪的是,
www.hao123.com
的页面抓下来是乱码(除了http头),这是为什么?难道是因为用了gzip之类压缩?

[code]$host = "www.zhutiai.com";
$html = file_get_contents("http://".$host);
$fp = file_put_contents("hao123.html",$html);
echo "done";
?>;[/code]


但这样抓的就没问题.

再来分析开始抓的http头
[code]HTTP/1.1 200 OK Date: Wed, 31 Aug 2005 00:59:36 GMT Server: Apache/1.3.27 Cache-Control: max-age=1296000 Expires: Thu, 15 Sep 2005 00:59:36 GMT Last-Modified: Mon, 29 Aug 2005 13:56:00 GMT Accept-Ranges: bytes Connection: close Content-Type: text/html Content-Encoding: gzip Content-Length: 14567[/code]

果然有这句,Content-Encoding: gzip
原来压缩了的,长度14567字节了,
用第二种方法抓,原来没压缩的html是71143字节,原来file_get_contents还可以自动解压缩.


实例二

$host = '127.0.0.1';
$target = '/2.php';
$referer = 'http://www.bkjia.com'; //伪造HTTP_REFERER地址
$fp = fsockopen($host, 80, $errno, $errstr, 30);
if (!$fp){
echo "$errstr($errno)
n";
}
else{
$out = "
GET $target HTTP/1.1
Host: $host
Referer: $referer
Connection: Closernrn";
fwrite($fp, $out);
while (!feof($fp)){
echo fgets($fp, 1024);
}
fclose($fp);
}
?>

    另一个2.php文件很简单,只是写上一行读取当前的HTTP_REFERER服务器值的代码即可,如下:

echo "


";
echo $_SERVER["HTTP_REFERER"];
?>

 


Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

PhpStorm Mac version

PhpStorm Mac version

The latest (2018.2.1) professional PHP integrated development tool

Atom editor mac version download

Atom editor mac version download

The most popular open source editor

WebStorm Mac version

WebStorm Mac version

Useful JavaScript development tools

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

EditPlus Chinese cracked version

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function