
PHP basics: POST and GET

WBOY (original)
2016-07-13 09:45:09


The difference between POST and GET

Key points:

* Post does not need to show the transmitted data in the URL, whereas the Get method must show it in the URL.
* Post can transmit a large amount of data, up to 2M, while the Get method can only transfer about 1024 bytes because of the URL length limit.
* Post, as the name suggests, transmits data to the server side; Get obtains data from the server side. Get can also transmit data, but only to tell the server what kind of data you need. Post information is sent as the content of the HTTP request, while Get is transmitted in the HTTP header.

Detailed description:

1. Get transfers the user's data through a URL request: the name of each form field and its content are joined as string pairs and placed in the URL of the program pointed to by the action attribute. The data is displayed directly in the URL, just as if the user had clicked a link. The Post method uses the HTTP post mechanism to place the name of each form field and its content in the HTML header (header) and transmit it to the server for processing by the program pointed to by the action attribute. The program reads the form data through standard input (stdin) and processes it.

2. The Get method requires Request.QueryString to obtain the value of the variable. The Post method uses Request.Form to access the submitted content.

3. The amount of data transmitted by the Get method is very small, generally limited to about 2 KB, but its execution efficiency is better than that of the Post method. The amount of data transferred by the Post method is relatively large, and it waits for the server to read the data. It also has a byte limit, which is there to prevent malicious attacks on the server with large amounts of data. Suggestion: unless you are sure that the data you submit can be submitted at once, please try to use the Post method.

4. Submitting data through the Get method causes security issues, so the Post method is recommended for form submission. For example, when a login page submits data through the Get method, the user name and password are displayed in the URL; if the page can be cached, or if others can access the customer's machine, the user's account and password can be obtained from the history record. A common problem with form pages submitted using the Post method is that a dialog box pops up when the page is refreshed. Recommendation: for security reasons, it is best to use Post to submit data.

5. Get restricts the values of the form data set to ASCII characters, while Post supports the entire ISO10646 character set.

6. Get is the default method of Form.

In the HTTP protocol, there are four verbs indicating operation methods: GET, POST, PUT, and DELETE. They correspond to four basic operations:
GET is used to obtain resources
POST is used to create new resources (can also be used to update resources)
PUT is used to update resources
DELETE is used to delete resources.

PHP will automatically escape data obtained through post/get

Depending on the server configuration, some special characters such as ' and " may be escaped when data is obtained through post and get. This is mainly caused by PHP magic quotes, which comprise magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase.

magic_quotes_gpc is summarized as follows:

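1. For the case of magic_quotes_gpc=on:
We can skip addslashes() and stripslashes() on string data going into and out of the database, and the data will still display correctly.
If you do apply addslashes() to the input data in this case, you must use stripslashes() on output to remove the extra backslashes.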



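2. For the case of magic_quotes_gpc=off:
You must process input data with addslashes(), but there is no need to use stripslashes() to format the output, because addslashes() does not write the backslashes into the database; it only helps MySQL execute the SQL statement.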



magic_quotes_gpc and PHP injection: magic_quotes_gpc = on

Everyone knows the PHP configuration file php.ini. If the magic_quotes_gpc setting in it is turned on, that means magic_quotes_gpc = on. Everyone who knows a little bit about PHP knows this.

With quotes escaped, string fields can no longer be broken out of, so the injection has to go through numeric fields, which the query does not wrap in quotes.

    <?php
        if ( isset($_POST["f_login"]) ) {
            // connect to the database
            $t_strUid = $_POST["f_uid"];
            $t_strPwd = $_POST["f_pwd"];
            // uid is interpolated without quotes, so it is treated as a numeric field
            $t_strSQL = "SELECT * FROM tbl_users WHERE uid=$t_strUid AND password = '$t_strPwd' LIMIT 0,1";
            if ( $t_hRes = mysql_query($t_strSQL) ) {
                // query succeeded
            }
        }
    ?>

    <html>
        <head>
            <title>sample test</title>
        </head>
        <body>
            <!-- field names match the $_POST keys read by the PHP handler above -->
            <form method="post" action="">
                User ID: <input type="text" name="f_uid" size="30"><br>
                Password: <input type="text" name="f_pwd" size="30"><br>
                <input type="submit" name="f_login" value="登录">
            </form>
        </body>
    </html>

If entered correctly:

    SELECT * FROM tbl_users WHERE uid=admin AND password = 'admin' LIMIT 0,1

If the attacker enters admin OR 1 =1 # in the user ID field, the resulting SQL statement is as follows:

    SELECT * FROM tbl_users WHERE uid=admin OR 1 =1 # AND password = 'admin' LIMIT 0,1

Because # starts a comment in MySQL, the password check after it is ignored and the condition OR 1 =1 is always true, so the injection succeeds.

Set the display_errors option in php.ini to display_errors = off to prevent this.
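As an added example (not code from the original article), here is the lookup above rewritten so the numeric uid field cannot carry SQL: the value must be digits only and is bound as a parameter, which holds whatever magic_quotes_gpc is set to, whereas display_errors = off only hides error output. It assumes PHP 7.1+ with the pdo_sqlite extension; the in-memory database, the function names find_user() and quoting_changes(), the hashed password column and the sample row are constructed for illustration.

```php
<?php
// Added example, not the article's code. Table and column names follow the
// page's tbl_users/uid/password; the database and its single row are constructed.

// Magic quotes escape ', ", \ and NUL. A payload without those characters
// passes through unchanged, which is why the numeric field stays exposed.
function quoting_changes(string $input): bool
{
    return addslashes($input) !== $input;
}

// Hypothetical hardened lookup: returns the user row, or null on any failure.
function find_user(PDO $db, string $uid, string $pwd): ?array
{
    // 1. Numeric field: accept digits only, so SQL keywords never reach the query.
    if (!ctype_digit($uid)) {
        return null;
    }
    // 2. Bound parameter: the value is sent separately from the statement text.
    $stmt = $db->prepare('SELECT uid, password FROM tbl_users WHERE uid = :uid LIMIT 1');
    $stmt->bindValue(':uid', (int) $uid, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // 3. Verify against a stored hash (assumption: the column holds password_hash() output).
    if ($row === false || !password_verify($pwd, $row['password'])) {
        return null;
    }
    return $row;
}

// Constructed demo database with one user.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbl_users (uid INTEGER PRIMARY KEY, password TEXT NOT NULL)');
$ins = $db->prepare('INSERT INTO tbl_users (uid, password) VALUES (?, ?)');
$ins->execute([1001, password_hash('s3cret-demo', PASSWORD_DEFAULT)]);

// Constructed inputs: a valid login, a wrong password, and the page's payload shape.
$cases = [
    ['1001', 's3cret-demo'],
    ['1001', 'wrong'],
    ['1001 OR 1 =1 #', 'anything'],
];
foreach ($cases as [$uid, $pwd]) {
    printf("uid=%-16s altered by quoting: %-3s login: %s\n",
        $uid,
        quoting_changes($uid) ? 'yes' : 'no',
        find_user($db, $uid, $pwd) !== null ? 'accepted' : 'rejected');
}
```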

magic_quotes_runtime
If turned on, most functions that obtain and return data from external sources, including databases and text files, will return backslash-escaped data. This option can be changed at runtime, and the default value in PHP is off.

magic_quotes_sybase
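If turned on, single quotes are escaped with a single quote rather than a backslash. This option completely overrides magic_quotes_gpc. If both options are turned on, a single quote is escaped as ''. Double quotes, backslashes and NULL characters are not escaped.

Because different servers are configured differently, the code needs to call get_magic_quotes_gpc() to detect the server's configuration.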

    if (isset($_POST['c'])) {
        $s = $_POST['c'];
        if (get_magic_quotes_gpc())
            $s = stripslashes($s); // stripslashes() removes the backslashes added by addslashes()
        // do something
    }

 
