当前位置:Gxlcms > PHP教程 > 方维源码,获取当前脚本为false系统报错request_tainting问题

方维源码,获取当前脚本为false系统报错request_tainting问题

时间:2021-07-01 10:21:17 帮助过:5人阅读

$_FANWE['php_self'] = htmlspecialchars(getPhpSelf());
if($_FANWE['php_self'] === false)
        systemError('request_tainting');

$_FANWE是个全局变量,getPhpSelf()函数是获取当前脚本的函数,程序大大们,到底什么样的场景才会触发这个报错呢,不明白,恳请指明

附:

function getPhpSelf()
{
    $php_self = '';
    $script_name = basename($_SERVER['SCRIPT_FILENAME']);
    if(basename($_SERVER['SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['SCRIPT_NAME'];
    else if(basename($_SERVER['PHP_SELF']) === $script_name)
        $php_self = $_SERVER['PHP_SELF'];
    else if(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['ORIG_SCRIPT_NAME'];
    else if(($pos = strpos($_SERVER['PHP_SELF'],'/'.$script_name)) !== false)
        $php_self = substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$script_name;
    else if(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT']) === 0)
        $php_self = str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
    else
        return false;
    return $php_self;
}

回复内容:

$_FANWE['php_self'] = htmlspecialchars(getPhpSelf());
if($_FANWE['php_self'] === false)
        systemError('request_tainting');

$_FANWE是个全局变量,getPhpSelf()函数是获取当前脚本的函数,程序大大们,到底什么样的场景才会触发这个报错呢,不明白,恳请指明

附:

function getPhpSelf()
{
    $php_self = '';
    $script_name = basename($_SERVER['SCRIPT_FILENAME']);
    if(basename($_SERVER['SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['SCRIPT_NAME'];
    else if(basename($_SERVER['PHP_SELF']) === $script_name)
        $php_self = $_SERVER['PHP_SELF'];
    else if(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME']) === $script_name)
        $php_self = $_SERVER['ORIG_SCRIPT_NAME'];
    else if(($pos = strpos($_SERVER['PHP_SELF'],'/'.$script_name)) !== false)
        $php_self = substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$script_name;
    else if(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT']) === 0)
        $php_self = str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
    else
        return false;
    return $php_self;
}

应该是服务器配置异常的时候。就会出现那个错误了。

人气教程排行