WebService,想必大家都比较熟悉,是由“服务提供方”向“服务调用方”提供服务的一种方式。里面有几项关键的技术:
XML:描述数据的标准方法
SOAP:简单对象访问协议,用于信息交换
WSDL:Web服务描述语言
UDDI:通用描述、发现与集成,它是一种独立于平台的,基于XML语言的用于在互联网上描述商务的协议。
SOAP默认传输的都是UTF-8的编码,这也决定了默认情况下WebService用的也是UTF-8编码。
现在维护的那个项目是一个PHP项目,编码用的全是GBK,在调用自身提供的WebService方法时,就会遇到编码问题了。PHP页面调用WebService,而这个WebService又调用的是另一个调用COM组件的PHP类。大概场景就是这样。
PHP页面(GBK) -> WebService(UTF-8) -> PHP类(GBK)
在未遇到问题之前,一切都是风平浪静的,就这样过了很多年。有一天,公司收购了其它公司,为了整合服务,用户信息也整合到一起了,原公司所有用户的帐户都是由英文字符加数字组成的,而收购的这个公司没有做这样的限定,帐户有汉字的情况。整合之后,问题出现了,“error in msg parsing: XML error parsing SOAP payload on line 1: Invalid character [detail]”!
PHP刚接触不久,不是甚熟,而且NetBeans的调试灰常不好整。所以就打开VS,引用WebService,开始测试。返回的结果,找不到用户,而且是乱码,OK,看了一下之后,由于WebService的UTF-8编码传给PHP类时,编码不一致所导致!转换为GBK再传过去,收到数据后,找到用户,但还是乱码。将返回过来的数据再次转换为UTF-8之后,一切OK!VS下测试一切正常!上测试机!开始测试!打开之后,乱码!仍然是“error in msg parsing: XML error parsing SOAP payload on line 1: Invalid character [detail]”囧!
静下心来,继续分析!应该是PHP页面调用WebService时所导致!VS下面的那个测试页面是UTF-8的,他们之间没有问题,但PHP的这个页面是GBK的。再次修改后,一切又恢复平静了。
调用:PHP页面,参数转换为UTF-8 -> WebService,转换为GBK后 -> PHP类
返回:PHP类 -> WebService,收到后转化为UTF-8 -> PHP页面,转换为GBK
What is the difference between absolute and idle session timeouts?May 03, 2025 am 12:21 AMAbsolute session timeout starts at the time of session creation, while an idle session timeout starts at the time of user's no operation. Absolute session timeout is suitable for scenarios where strict control of the session life cycle is required, such as financial applications; idle session timeout is suitable for applications that want users to keep their session active for a long time, such as social media.
What steps would you take if sessions aren't working on your server?May 03, 2025 am 12:19 AMThe server session failure can be solved through the following steps: 1. Check the server configuration to ensure that the session is set correctly. 2. Verify client cookies, confirm that the browser supports it and send it correctly. 3. Check session storage services, such as Redis, to ensure that they are running normally. 4. Review the application code to ensure the correct session logic. Through these steps, conversation problems can be effectively diagnosed and repaired and user experience can be improved.
What is the significance of the session_start() function?May 03, 2025 am 12:18 AMsession_start()iscrucialinPHPformanagingusersessions.1)Itinitiatesanewsessionifnoneexists,2)resumesanexistingsession,and3)setsasessioncookieforcontinuityacrossrequests,enablingapplicationslikeuserauthenticationandpersonalizedcontent.
What is the importance of setting the httponly flag for session cookies?May 03, 2025 am 12:10 AMSetting the httponly flag is crucial for session cookies because it can effectively prevent XSS attacks and protect user session information. Specifically, 1) the httponly flag prevents JavaScript from accessing cookies, 2) the flag can be set through setcookies and make_response in PHP and Flask, 3) Although it cannot be prevented from all attacks, it should be part of the overall security policy.
What problem do PHP sessions solve in web development?May 03, 2025 am 12:02 AMPHPsessionssolvetheproblemofmaintainingstateacrossmultipleHTTPrequestsbystoringdataontheserverandassociatingitwithauniquesessionID.1)Theystoredataserver-side,typicallyinfilesordatabases,anduseasessionIDstoredinacookietoretrievedata.2)Sessionsenhances
What data can be stored in a PHP session?May 02, 2025 am 12:17 AMPHPsessionscanstorestrings,numbers,arrays,andobjects.1.Strings:textdatalikeusernames.2.Numbers:integersorfloatsforcounters.3.Arrays:listslikeshoppingcarts.4.Objects:complexstructuresthatareserialized.
How do you start a PHP session?May 02, 2025 am 12:16 AMTostartaPHPsession,usesession_start()atthescript'sbeginning.1)Placeitbeforeanyoutputtosetthesessioncookie.2)Usesessionsforuserdatalikeloginstatusorshoppingcarts.3)RegeneratesessionIDstopreventfixationattacks.4)Considerusingadatabaseforsessionstoragei
What is session regeneration, and how does it improve security?May 02, 2025 am 12:15 AMSession regeneration refers to generating a new session ID and invalidating the old ID when the user performs sensitive operations in case of session fixed attacks. The implementation steps include: 1. Detect sensitive operations, 2. Generate new session ID, 3. Destroy old session ID, 4. Update user-side session information.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
WebStorm Mac version
Useful JavaScript development tools
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
Dreamweaver Mac version
Visual web development tools
