What are the three ways to forge referer addresses in PHP?

Method: 1. Use the "file_get_contents($url,false,$context)" function; 2. CURL method, use curl_init(), curl_setopt(), curl_exec() and other functions; 3. Use fsockopen( )function.

The operating environment of this tutorial: windows7 system, PHP7.1 version, DELL G3 computer

php gets the URL address of the previous page of the current page , that is, which page the current page is linked from, you can use $_SERVER['HTTP_REFERER'];

But $_SERVER['HTTP_REFERER'] can also be forged and deceived. There are three ways to forge and deceive. $_SERVER['HTTP_REFERER']

Note: The window platform uses the phpstudy integrated environment nginx. This method is invalid, apache is normal, and other platform versions have not been tested

The first method: file_get_contents

$url = "http://localhost/test/test.php";
$refer="http://www.aa.com";
$opt=array('http'=>array('header'=>"Referer: $refer"));
$context=stream_context_create($opt);
$file_contents = file_get_contents($url,false, $context);
echo $file_contents;

stream_context_create in file_get_contents forges important parameters of the source.

Second method: CURL

$url = "http://localhost/test/test.php"; // 请求的页面地址
$refer="http://www.aa.com";  //伪造的页面地址
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL,$url);
curl_setopt ($ch, CURLOPT_REFERER,$refer);
curl_exec ($ch);
curl_close ($ch);

Third method: fsockopen

$url="http://localhost/test/test.php";
$target = "http://www.manongjc.com/";
/** sockopen 伪造 网站来源地址
 * @parem $url 要访问的页面地址
 * @parem $target 伪造来源页面
 * @parem $port 网站端口 默认 80
 * @parem 页面脚本执行时间 默认 30 s * */
function referer($url,$target,$port=80,$t=30)
{
    $info=parse_url($url);
    $fp = fsockopen($info["host"], $port, $errno, $errstr, $t);
    if(!$fp)
    {
        echo "$errstr($errno)".PHP_EOL;
    }
    else
    {
        $out = "GET ".$info['path']." HTTP/1.1".PHP_EOL;
        $out .= "Host: ".$info["host"].PHP_EOL;
        $out .= "Referer: ".$target.PHP_EOL;
        $out .= "Connection: Close".PHP_EOL;
        $out .= PHP_EOL;
        fwrite($fp, $out);
        while(!feof($fp))
        {
          echo fgets($fp); // 发送 head 请求头信息
        }
        fclose($fp);
    }
}
//函数调用
referer($url,$target);

Recommended learning: "PHP Video Tutorial"

The above is the detailed content of What are the three ways to forge referer addresses in PHP?. For more information, please follow other related articles on the PHP Chinese website!