


How to use http protocol to publish comments on blog posts, _PHP tutorial
How to use http protocol to publish comments on blog posts?
Let me first introduce the implementation principle:
The essence of submitting comments to a blog post is to send a post request through the http protocol server. What do we need to do before posting a comment? Yes, you must log in. But logging in is another matter, which we won’t discuss here. After the user logs in, the server sets a cookie to the client. http is stateless. That is to say, after the client sends a request to the server, the server returns a response. One communication is completed. The server will not remember who just sent the request to it. Therefore, the client needs to send a request to the server with the cookie set by the server and inform the server of its identity, and the server generates a response based on the cookie.
Preparation:
In order to complete this test, I registered another blog account (DeanHuangChopper). After logging in to the blog park, open my blog (DeanChopper) and randomly open one of my blog posts, such as "Understanding Buffering Using the PHP OB Function" Mechanism" article (I use Firefox browser, the biggest advantage is that you can intuitively see what parameters are sent to the server), open the developer options, and prepare to record the process of sending comments. I just write a comment and leave a comment. This time the request is logged via developer options.
We only need to pay attention to the request header.
Obviously, we set the request header information through the setHeader() method of the Http class and send it through the post() method. Let’s first carefully analyze the request header information. Host, Content-type, and Content-length will be set by default through some http methods, and we don’t need to add them. But it must be noted that the Content-type type is "application/json; charset=UTF-8", which is different from the "application/x-www-form-urlencoded" of Http's default setting. The request body is in json form, not in array form, so the original Http post method needs to be rewritten.
public function post($body) { $this->setLine('POST'); // 重新设置content-type $this->setHeader('Content-Type:application/json; charset=UTF-8'); // 跳过setBody方法 // $this->setBody($body); $this->body[]=$body; // 计算content-length $this->setHeader('Content-length: ' . strlen($this->body[0])); $this->request(); return $this->response; }
After re-modifying the Http class, we can complete the writing of the main code of this article. Although in theory, you only need to set the cookie value when setting the header information, it is best to send all the header information to increase the success rate.
Before sending a comment, take a look at the parameters sent:
We only need to fill in the content we want to send after "body".
Code part:
Finally is the main code of this article:
<?php require "http.class.php"; $http=new Http('http://www.cnblogs.com/mvc/PostComment/Add.aspx'); //设置头信息 $http->setHeader('Accept-Language:zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3'); $http->setHeader('Accept-Language:zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3'); $http->setHeader('Accept-Encoding:gzip, deflate'); $http->setHeader('X-Requested-With:XMLHttpRequest'); $http->setHeader('Referer:http://www.cnblogs.com/DeanChopper/p/4688667.html'); $http->setHeader('Cookie:_ga=GA1.2.1359064105.1438444082; __gads=ID=e0c32fd6db6e2a6d:T=1438443900:S=ALNI_Mb6AAflcBD6gcdHgeE3IqVDJYnnjA; .CNBlogsCookie=C8013C91E54C151DEDA30E2C1E842982338C9054A8BB8639AC2DAB7578445BF1DF5BC49D39D8BE5FDAC33541CE4E4FA386CFD3F946EA1D79D1E34809A4CCBD7488A15641AEF685A6258CF3F03597BCAF50049F8C95A310076677598990FB2E4FB1E9671A; _5t_trace_sid=84a9ed0b086c2c127551cf911bec7b1d; _5t_trace_tms=1; _gat=1'); $http->setHeader('Pragma:no-cache'); $http->setHeader('Cache-Control:no-cache'); //设置请求体信息 $msg='{"blogApp":"DeanChopper","postId":4688667,"body":"测试内容","parentCommentId":0}'; //发送post请求 $http->post($msg); echo 'OK';
The sending process may be a bit slow, please be patient.
The above introduction is the entire content of this article, I hope you all like it.

PEAR is a PHP framework for reusable components, enhancing development with package management, coding standards, and community support.

PHP is a versatile scripting language used mainly for web development, creating dynamic pages, and can also be utilized for command-line scripting, desktop apps, and API development.

The article discusses PHP's evolution from "Personal Home Page Tools" in 1995 to "PHP: Hypertext Preprocessor" in 1998, reflecting its expanded use beyond personal websites.

Effective methods to prevent session fixed attacks include: 1. Regenerate the session ID after the user logs in; 2. Use a secure session ID generation algorithm; 3. Implement the session timeout mechanism; 4. Encrypt session data using HTTPS. These measures can ensure that the application is indestructible when facing session fixed attacks.

Implementing session-free authentication can be achieved by using JSONWebTokens (JWT), a token-based authentication system where all necessary information is stored in the token without server-side session storage. 1) Use JWT to generate and verify tokens, 2) Ensure that HTTPS is used to prevent tokens from being intercepted, 3) Securely store tokens on the client side, 4) Verify tokens on the server side to prevent tampering, 5) Implement token revocation mechanisms, such as using short-term access tokens and long-term refresh tokens.

The security risks of PHP sessions mainly include session hijacking, session fixation, session prediction and session poisoning. 1. Session hijacking can be prevented by using HTTPS and protecting cookies. 2. Session fixation can be avoided by regenerating the session ID before the user logs in. 3. Session prediction needs to ensure the randomness and unpredictability of session IDs. 4. Session poisoning can be prevented by verifying and filtering session data.

To destroy a PHP session, you need to start the session first, then clear the data and destroy the session file. 1. Use session_start() to start the session. 2. Use session_unset() to clear the session data. 3. Finally, use session_destroy() to destroy the session file to ensure data security and resource release.

How to change the default session saving path of PHP? It can be achieved through the following steps: use session_save_path('/var/www/sessions');session_start(); in PHP scripts to set the session saving path. Set session.save_path="/var/www/sessions" in the php.ini file to change the session saving path globally. Use Memcached or Redis to store session data, such as ini_set('session.save_handler','memcached'); ini_set(


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

WebStorm Mac version
Useful JavaScript development tools

DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment

Atom editor mac version download
The most popular open source editor

Dreamweaver CS6
Visual web development tools
