自制一个小小的网站,其中一个功能总是有问题,求各位解答?
one.php:(开始运行的入口)
<br /> <?php<br /> /**<br /> * index.php MyLocalShop 入口<br /> * <br /> * @copyright (C)2013-2014 MyLocalShop<br /> * @license http://www.baidu.com/<br /> * @lastmodify 2013-01-07<br /> */<br /> <br /> <br /> /**<br /> * 网站根目录路径<br /> * @var string<br /> */<br /> define('LOCALSHOP_PATH', dirname(__FILE__).DIRECTORY_SEPARATOR);<br /> //echo LOCALSHOP_PATH;<br /> <br /> require_once LOCALSHOP_PATH.'/base.php';<br /> $mls = new MLS();<br /> $mls->Load('front/includes/', 'dindex.phdp'); // 这是错误的,但为什么这里同样正确显示?<br /> $mls->Load('front/includes/', 'index.php'); // 这个才是真正文件名<br /> ?><br />
dir_list.php:(显示目录树结构用于在base.php中判断是否有该目录或文件)
<br /> <?php<br /> /**<br /> * 显示整个网站的目录树结构<br /> * @author Administrator<br /> *<br /> */<br /> function dir_list() {<br /> return array(<br /> 'admin' => array(<br /> 'css',<br /> 'images',<br /> 'includes' => array(<br /> 'libs'<br /> ),<br /> 'js'<br /> ),<br /> 'common' => array(<br /> 'config' => array(<br /> 'admin' => array(<br /> 'config.php'<br /> ),<br /> 'front' => array(<br /> 'config.php'<br /> ),<br /> 'config.php',<br /> 'dir_list.php'<br /> ),<br /> 'includes' => array(<br /> 'libs'<br /> ),<br /> 'js',<br /> 'languages' => array(<br /> 'en_US' => array(<br /> 'admin' => array(<br /> 'common.php'<br /> ),<br /> 'front' => array(<br /> 'common.php'<br /> )<br /> ),<br /> 'zh_CN' => array(<br /> 'admin' => array(<br /> 'common.php'<br /> ),<br /> 'front' => array(<br /> 'common.php'<br /> )<br /> )<br /> ),<br /> 'templates' => array(<br /> 'Templates.php'<br /> )<br /> ),<br /> 'front' => array(<br /> 'css',<br /> 'images',<br /> 'includes' => array(<br /> 'libs'<br /> ),<br /> 'js'<br /> ),<br /> //'base.php',<br /> //'index.php'<br /> );<br /> }<br /> ?><br />
base.php:(用于检查目录及文件名是否存在,存在则转向所指页面)
<br> <?php <br /> /**<br> * MyLocalShop 框架入口<br> * @author Administrator<br> *<br> */<br> require_once LOCALSHOP_PATH.'/common/config/dir_list.php';<br> <br> class MLS {<br> /**<br> * 私有函数。判断是否存在该目录或文件,有则返回true,无则返回false<br> * @param string $target 目录或文件<br> * @return 若判断为文件类型则返回"beFile",若判断为目录类型则返回"beDir";若既不是文件也不是目录则返回 false。<br> */<br> private function hasDirectoryOrFile($target) {<br> $dirs = MLS::load_all_directory();<br> <br> foreach ($dirs as $key => $value) {<br> if (in_array($target, $value)) {<br> $suffix = substr($target, -1, 4);<br> if ($suffix === '.php')<br> /*if (strrchr('.php', $target) || strrchr('.html', $target) || strrchr('.htm', $target) || strrchr('.xhtm', $target) ||<br> strrchr('.xhtml', $target) || strrchr('.tpl', $target) || strrchr('.xml', $target) || strrchr('.xls', $target) || <div class="clear"> </div>

PHPidentifiesauser'ssessionusingsessioncookiesandsessionIDs.1)Whensession_start()iscalled,PHPgeneratesauniquesessionIDstoredinacookienamedPHPSESSIDontheuser'sbrowser.2)ThisIDallowsPHPtoretrievesessiondatafromtheserver.

The security of PHP sessions can be achieved through the following measures: 1. Use session_regenerate_id() to regenerate the session ID when the user logs in or is an important operation. 2. Encrypt the transmission session ID through the HTTPS protocol. 3. Use session_save_path() to specify the secure directory to store session data and set permissions correctly.

PHPsessionfilesarestoredinthedirectoryspecifiedbysession.save_path,typically/tmponUnix-likesystemsorC:\Windows\TemponWindows.Tocustomizethis:1)Usesession_save_path()tosetacustomdirectory,ensuringit'swritable;2)Verifythecustomdirectoryexistsandiswrita

ToretrievedatafromaPHPsession,startthesessionwithsession_start()andaccessvariablesinthe$_SESSIONarray.Forexample:1)Startthesession:session_start().2)Retrievedata:$username=$_SESSION['username'];echo"Welcome,".$username;.Sessionsareserver-si

The steps to build an efficient shopping cart system using sessions include: 1) Understand the definition and function of the session. The session is a server-side storage mechanism used to maintain user status across requests; 2) Implement basic session management, such as adding products to the shopping cart; 3) Expand to advanced usage, supporting product quantity management and deletion; 4) Optimize performance and security, by persisting session data and using secure session identifiers.

The article explains how to create, implement, and use interfaces in PHP, focusing on their benefits for code organization and maintainability.

The article discusses the differences between crypt() and password_hash() in PHP for password hashing, focusing on their implementation, security, and suitability for modern web applications.

Article discusses preventing Cross-Site Scripting (XSS) in PHP through input validation, output encoding, and using tools like OWASP ESAPI and HTML Purifier.


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

Dreamweaver CS6
Visual web development tools

EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function

DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
