方维源码,获取当前脚本为false 系统报错request_tainting 问题
程序员文章站
2022-04-24 14:53:23
...
$_FANWE['php_self'] = htmlspecialchars(getPhpSelf());
if($_FANWE['php_self'] === false)
systemError('request_tainting');
$_FANWE是个全局变量,getPhpSelf()函数是获取当前脚本的函数,程序大大们,到底什么样的场景才会触发这个报错呢,不明白,恳请指明
附:
function getPhpSelf()
{
$php_self = '';
$script_name = basename($_SERVER['SCRIPT_FILENAME']);
if(basename($_SERVER['SCRIPT_NAME']) === $script_name)
$php_self = $_SERVER['SCRIPT_NAME'];
else if(basename($_SERVER['PHP_SELF']) === $script_name)
$php_self = $_SERVER['PHP_SELF'];
else if(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME']) === $script_name)
$php_self = $_SERVER['ORIG_SCRIPT_NAME'];
else if(($pos = strpos($_SERVER['PHP_SELF'],'/'.$script_name)) !== false)
$php_self = substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$script_name;
else if(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT']) === 0)
$php_self = str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
else
return false;
return $php_self;
}
回复内容:
$_FANWE['php_self'] = htmlspecialchars(getPhpSelf());
if($_FANWE['php_self'] === false)
systemError('request_tainting');
$_FANWE是个全局变量,getPhpSelf()函数是获取当前脚本的函数,程序大大们,到底什么样的场景才会触发这个报错呢,不明白,恳请指明
附:
function getPhpSelf()
{
$php_self = '';
$script_name = basename($_SERVER['SCRIPT_FILENAME']);
if(basename($_SERVER['SCRIPT_NAME']) === $script_name)
$php_self = $_SERVER['SCRIPT_NAME'];
else if(basename($_SERVER['PHP_SELF']) === $script_name)
$php_self = $_SERVER['PHP_SELF'];
else if(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME']) === $script_name)
$php_self = $_SERVER['ORIG_SCRIPT_NAME'];
else if(($pos = strpos($_SERVER['PHP_SELF'],'/'.$script_name)) !== false)
$php_self = substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$script_name;
else if(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT']) === 0)
$php_self = str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
else
return false;
return $php_self;
}
应该是服务器配置异常的时候。就会出现那个错误了。