欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

方维源码,获取当前脚本为false 系统报错request_tainting 问题

程序员文章站 2022-04-24 14:53:23
...
$_FANWE['php_self'] = htmlspecialchars(getPhpSelf());
if($_FANWE['php_self'] === false)
        systemError('request_tainting');

$_FANWE是个全局变量,getPhpSelf()函数是获取当前脚本的函数,程序大大们,到底什么样的场景才会触发这个报错呢,不明白,恳请指明

附:

function getPhpSelf()
{
    $php_self = '';
    $script_name = basename($_SERVER['SCRIPT_FILENAME']);
    if(basename($_SERVER['SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['SCRIPT_NAME'];
    else if(basename($_SERVER['PHP_SELF']) === $script_name)
        $php_self = $_SERVER['PHP_SELF'];
    else if(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['ORIG_SCRIPT_NAME'];
    else if(($pos = strpos($_SERVER['PHP_SELF'],'/'.$script_name)) !== false)
        $php_self = substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$script_name;
    else if(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT']) === 0)
        $php_self = str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
    else
        return false;
    return $php_self;
}

回复内容:

$_FANWE['php_self'] = htmlspecialchars(getPhpSelf());
if($_FANWE['php_self'] === false)
        systemError('request_tainting');

$_FANWE是个全局变量,getPhpSelf()函数是获取当前脚本的函数,程序大大们,到底什么样的场景才会触发这个报错呢,不明白,恳请指明

附:

function getPhpSelf()
{
    $php_self = '';
    $script_name = basename($_SERVER['SCRIPT_FILENAME']);
    if(basename($_SERVER['SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['SCRIPT_NAME'];
    else if(basename($_SERVER['PHP_SELF']) === $script_name)
        $php_self = $_SERVER['PHP_SELF'];
    else if(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['ORIG_SCRIPT_NAME'];
    else if(($pos = strpos($_SERVER['PHP_SELF'],'/'.$script_name)) !== false)
        $php_self = substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$script_name;
    else if(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT']) === 0)
        $php_self = str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
    else
        return false;
    return $php_self;
}

应该是服务器配置异常的时候。就会出现那个错误了。

相关标签: php