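<?php
/**
 * Normalises the raw request superglobals into $this->var.
 *
 * In order, the method:
 *  - refuses any request that carries a GLOBALS key in $_GET/$_POST/$_COOKIE/$_FILES
 *    (the register_globals-style injection vector) via system_error('request_tainting');
 *  - undoes magic_quotes_gpc escaping when the MAGIC_QUOTES_GPC constant is truthy;
 *  - copies cookies whose name starts with the configured cookie prefix into
 *    $this->var['cookie'], with the prefix stripped from the key;
 *  - merges $_POST into $_GET on POST requests (POST wins on key collision);
 *  - percent-encodes 'page' and drops a 'handlekey' that is not purely \w;
 *  - when input.compatible is enabled, exposes every merged GET/POST variable as
 *    $this->var['gp_<name>'] after daddslashes();
 *  - derives mod / inajax / page / sid, mints a 30-day saltkey cookie when none
 *    is present, and sets authkey = md5(config security.authkey . saltkey).
 *
 * Depends on project helpers defined elsewhere: system_error, dstripslashes,
 * daddslashes, dhtmlspecialchars, random, dsetcookie, and the constant
 * MAGIC_QUOTES_GPC.
 *
 * @return void
 */
private function _init_input() {
    // With register_globals every request variable became a PHP global, so a
    // client could inject code-side variables; a GLOBALS key in any input
    // channel is the tell-tale sign of such an attempt and aborts the request.
    if (isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_COOKIE['GLOBALS']) || isset($_FILES['GLOBALS'])) {
        system_error('request_tainting');
    }

    // Strip the backslashes magic_quotes_gpc added so later code sees raw values.
    if (MAGIC_QUOTES_GPC) {
        $_GET = dstripslashes($_GET);
        $_POST = dstripslashes($_POST);
        $_COOKIE = dstripslashes($_COOKIE);
    }

    // Only cookies carrying the configured prefix are accepted; the key stored
    // in $this->var['cookie'] has the prefix removed.
    $cookiepre = $this->config['cookie']['cookiepre'];
    $prelength = strlen($cookiepre);
    foreach ($_COOKIE as $key => $val) {
        // Strict comparison: a loose == would treat numeric-looking strings
        // such as '10' and '1e1' as equal.
        if (substr($key, 0, $prelength) === $cookiepre) {
            $this->var['cookie'][substr($key, $prelength)] = $val;
        }
    }

    // REQUEST_METHOD is not set outside a web SAPI (e.g. CLI); default to ''
    // so the comparisons below do not raise undefined-index notices.
    $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';

    // On POST the body parameters are folded into $_GET, overriding query keys.
    if ($method === 'POST' && !empty($_POST)) {
        $_GET = array_merge($_GET, $_POST);
    }

    // RFC 3986 percent-encoding keeps 'page' free of URL delimiters.
    if (isset($_GET['page'])) {
        $_GET['page'] = rawurlencode($_GET['page']);
    }

    // handlekey must consist solely of [A-Za-z0-9_]; anything else is discarded.
    if (!(!empty($_GET['handlekey']) && preg_match('/^\w+$/', $_GET['handlekey']))) {
        unset($_GET['handlekey']);
    }

    // Compatibility mode (input.compatible = 1): every merged GET/POST variable
    // is also available as $_G['gp_<name>'], with daddslashes() applied.
    if (!empty($this->var['config']['input']['compatible'])) {
        foreach ($_GET as $k => $v) {
            $this->var['gp_'.$k] = daddslashes($v);
        }
    }

    $this->var['mod'] = empty($_GET['mod']) ? '' : dhtmlspecialchars($_GET['mod']);

    // output.ajaxvalidate = 1 accepts an inajax request only when it is a POST,
    // or a GET carrying "X-Requested-With: XMLHttpRequest". The header is read
    // through isset() because a plain GET does not send it and the original
    // direct access raised an undefined-index notice.
    if (empty($_GET['inajax'])) {
        $this->var['inajax'] = 0;
    } elseif (empty($this->var['config']['output']['ajaxvalidate'])) {
        $this->var['inajax'] = 1;
    } else {
        $isXhr = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest';
        $this->var['inajax'] = (($method === 'GET' && $isXhr) || $method === 'POST') ? 1 : 0;
    }

    // Page numbers are clamped to >= 1; a missing or zero page means page 1.
    $this->var['page'] = empty($_GET['page']) ? 1 : max(1, intval($_GET['page']));

    $this->var['sid'] = $this->var['cookie']['sid'] = isset($this->var['cookie']['sid']) ? dhtmlspecialchars($this->var['cookie']['sid']) : '';

    // A per-client saltkey is minted once and kept for 30 days. It is mixed into
    // authkey below, so the project's random() helper must be unpredictable for
    // this use — NOTE(review): confirm its source of randomness.
    if (empty($this->var['cookie']['saltkey'])) {
        $this->var['cookie']['saltkey'] = random(8);
        dsetcookie('saltkey', $this->var['cookie']['saltkey'], 86400 * 30, 1, 1);
    }
    $this->var['authkey'] = md5($this->var['config']['security']['authkey'].$this->var['cookie']['saltkey']);
}
?>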
<?php
// Snapshot of the $_G global after discuz_application::_init_input() has run.
// NOTE(review): this dump embeds live secrets — config.db credentials,
// config.security.authkey, config.remote.appkey, the derived authkey and the
// saltkey cookie value. A dump like this must not be shared or committed;
// once it has been, the values should be considered exposed.
$_G = array (
    'uid' => 0,
    'username' => '',
    'adminid' => 0,
    'groupid' => 1,
    // $this->var["sid"] = $this->var["cookie"]["sid"] = isset($this->var["cookie"]["sid"]) ? dhtmlspecialchars($this->var["cookie"]["sid"]) : "";
    'sid' => '',
    'formhash' => '',
    'connectguest' => 0,
    'timestamp' => 1498533885,
    'starttime' => 1498533885.6414,
    'clientip' => '127.0.0.1',
    'remoteport' => '62959',
    'referer' => '',
    'charset' => '',
    'gzipcompress' => '',
    // $_config["security"]["authkey"] = "asdfasfas"; // site encryption key (illustrative value)
    // $this->var["authkey"] = md5($this->var["config"]["security"]["authkey"].$this->var["cookie"]["saltkey"]);
    'authkey' => '2e548bcd05aa204f2a9ef922684dcb8e',
    'timenow' => array (),
    'widthauto' => 0,
    'disabledwidthauto' => 0,
    'PHP_SELF' => '/forum.php',
    'siteurl' => 'http://www.pcool.com/',
    'siteroot' => '/',
    'siteport' => '',
    'pluginrunlist' => array (),
    'config' => array (
        'db' => array (
            1 => array (
                'dbhost'=>'localhost',
                'dbuser'=>'root',
                'dbpw'=>'root',
                'dbcharset'=>'utf8',
                'pconnect'=>'0',
                'dbname'=>'pinku',
                'tablepre'=>'bbs_',
            ),
            'slave' => '',
            'common' => array ('slave_except_table'=>'',),
        ),
        'memory' => array (
            'prefix' => 'qUR9F2_',
            'redis' => array (
                'server' => '',
                'port' => 6379,
                'pconnect' => 1,
                'timeout' => '0',
                'requirepass' => '',
                'serializer' => 1,
            ),
            'memcache' => array (
                'server' => '',
                'port' => 11211,
                'pconnect' => 1,
                'timeout' => 1,
            ),
            'apc' => '0',
            'apcu' => '0',
            'xcache' => '0',
            'eaccelerator' => '0',
            'wincache' => '0',
            'yac' => '0',
            'file' => array ('server' => 'data/cache/filecache',),
        ),
        'server' => array ('id' => 1,),
        'download' => array (
            'readmod' => 2,
            'xsendfile' => array (
                'type' => '0',
                'dir' => '/down/',
            ),
        ),
        'output' => array (
            'charset' => 'utf-8',
            'forceheader' => 1,
            'gzip' => '0',
            'tplrefresh' => 1,
            'language' => 'zh_cn',
            'staticurl' => 'static/',
            'ajaxvalidate' => '0',
            'iecompatible' => '0',
        ),
        'cookie' => array (
            'cookiepre' => 'hYFg_2132_',
            'cookiedomain' => '',
            'cookiepath' => '/',
        ),
        'security' => array (
            'authkey' => '2618faN3hpIEZoCr',
            'urlxssdefend' => 1,
            'attackevasive' => '0',
            'querysafe' => array (
                'status' => 1,
                'dfunction' => array (
                    0 => 'load_file',
                    1 => 'hex',
                    2 => 'substring',
                    3 => 'if',
                    4 => 'ord',
                    5 => 'char',
                ),
                'daction' => array (
                    0 => '@',
                    1 => 'intooutfile',
                    2 => 'intodumpfile',
                    3 => 'unionselect',
                    4 => '(select',
                    5 => 'unionall',
                    6 => 'uniondistinct',
                ),
                'dnote' => array (
                    0 => '/*',
                    1 => '*/',
                    2 => '#',
                    3 => '--',
                    4 => '"',
                ),
                'dlikehex' => 1,
                'afullnote' => '0',
            ),
        ),
        'admincp' => array (
            'founder' => '1',
            'forcesecques' => '0',
            'checkip' => 1,
            'runquery' => '0',
            'dbimport' => 1,
        ),
        'remote' => array (
            'on' => '0',
            'dir' => 'remote',
            'appkey' => '62cf0b3c3e6a4c9468e7216839721d8e',
            'cron' => '0',
        ),
        'input' => array (
            'compatible' => 1,
        ),
    ),
    'setting' => array (),
    'member' => array (),
    'group' => array (),
    // The following entries are set once discuz_application::_init_input() has finished.
    'cookie' => array (
        // $this->var["sid"] = $this->var["cookie"]["sid"] = isset($this->var["cookie"]["sid"]) ? dhtmlspecialchars($this->var["cookie"]["sid"]) : "";
        'sid' => '',
        'saltkey' => 'XtqKLzW2', // value produced by random(8)
    ),
    'style' => array (),
    'cache' => array (),
    'session' => array (),
    'lang' => array (),
    'my_app' => array (),
    'my_userapp' => array (),
    'fid' => 0,
    'tid' => 0,
    'forum' => array (),
    'thread' => array (),
    'rssauth' => '',
    'home' => array (),
    'space' => array (),
    'block' => array (),
    'article' => array (),
    'action' => array (
        'action' => 2,
        'fid' => 0,
        'tid' => 0,
    ),
    'mobile' => '',
    'notice_structure' => array (
        'mypost' => array (
            0 => 'post',
            1 => 'pcomment',
            2 => 'activity',
            3 => 'reward',
            4 => 'goods',
            5 => 'at',
        ),
        'interactive' => array (
            0 => 'poke',
            1 => 'friend',
            2 => 'wall',
            3 => 'comment',
            4 => 'click',
            5 => 'sharenotice',
        ),
        'system' => array (
            0 => 'system',
            1 => 'myapp',
            2 => 'credit',
            3 => 'group',
            4 => 'verify',
            5 => 'magic',
            6 => 'task',
            7 => 'show',
            8 => 'group',
            9 => 'pusearticle',
            10 => 'mod_member',
            11 => 'blog',
            12 => 'article',
        ),
        'manage' => array (
            0 => 'mod_member',
            1 => 'report',
            2 => 'pmreport',
        ),
        'app' => array (),
    ),
    'mobiletpl' => array (
        1 => 'mobile',
        2 => 'touch',
        3 => 'wml',
        'yes' => 'mobile',
    ),
    'basescript' => 'forum',
    'basefilename' => 'forum.php',
    'isHTTPS' => false,
    'scheme' => 'http',
    'staticurl' => 'static/',
    // The following entries are newly added once discuz_application::_init_input() has finished.
    // $this->var["mod"] = empty($_GET["mod"]) ? "" : dhtmlspecialchars($_GET["mod"]);
    'mod' => '',
    // $this->var["inajax"] = empty($_GET["inajax"]) ? 0 : (empty($this->var["config"]["output"]["ajaxvalidate"]) ? 1 : ($_SERVER["REQUEST_METHOD"] == "GET" && $_SERVER["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest" || $_SERVER["REQUEST_METHOD"] == "POST" ? 1 : 0));
    // $this->var["config"]["output"]["ajaxvalidate"]: whether to strictly validate that an Ajax request is genuine, 0 = off, 1 = on
    'inajax' => 0,
    // $this->var["page"] = empty($_GET["page"]) ? 1 : max(1, intval($_GET["page"]));
    'page' => 1,
);
?>