The wonderful use of Include to implement path encryption_PHP tutorial

1. Transfer program include.inc
include_once 'include/Base.php';
$path = '';
$url = isBase::decrypt(urlDecode($_SERVER['QUERY_STRING']));
parse_str($url); //Get the variable passed through url address GET
if(!empty($_POST['path'])){ //Get the variable passed by POST
$path = $_POST['path'];
$path = isBase::decrypt(urlDecode($path));
}
//Parse the real path
if(empty($path)){
//header("Location: login.php");
exit;
}
if(!preg_match("/(^http://)|([?|&|=])/",$path)){
//Jump to the path of the actual executed file
chdir(dirname($path));
include_once basename($path);
exit;
}
?>
index.php and include.inc are in the same directory
include include.inc;
?>
2. Modify the link in the program ()
"index.php?".encrypt("path=/test/test.php&test=123&test2=4321")
3. Modify the POST form in the program
Forms are submitted to index.php
Add a hidden form in the middle
4. Modify the path of the front-end Html page
baseref=/test
5. The encryption and decryption functions are provided by ourselves
Summary:
This method is more cumbersome and can only hide the path of the background script. The path of the front-end script can still be seen in the source file (baseref)
The addresses you see on the address bar are index.php?xxxxxxxx

http://www.bkjia.com/PHPjc/629785.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/629785.htmlTechArticle1. Transfer program include.inc ? include_once 'include/Base.php'; $path = ''; $ url = isBase::decrypt(urlDecode($_SERVER['QUERY_STRING'])); parse_str($url); //Get the url address passed by GET...