Home > Backend Development > PHP Tutorial > Detailed explanation of file_put_contents function in PHP

Detailed explanation of file_put_contents function in PHP

墨辰丷
Release: 2023-03-26 10:24:01
Original
3335 people have browsed it

file_put_contents() function writes a string to a file. Recently, I discovered that the file_put_contents function has problems that I have never noticed, so the following article mainly introduces relevant information about the dangerous file_put_contents function in PHP. Friends in need can refer to it. Let’s take a look together.

Preface

Recently I encountered a file upload question on EIS and found that filtering < basically made many gestures invalid. , I haven’t solved this problem after thinking about it for a long time. It was only after the game that I found out that I could use an array to get around it. The principle is analyzed here. Without further ado, let’s take a look at the detailed introduction.

Let’s take a look at the official website definition of the second parameter data of the file_put_contents function:


data
要写入的数据。类型可以是 string,array 或者是 stream 资源(如上面所说的那样)。
 
如果 data 指定为 stream 资源,这里 stream 中所保存的缓存数据将被写入到指定文件中,这种用法就相似于使用 stream_copy_to_stream() 函数。
 
参数 data 可以是数组(但不能为多维数组),这就相当于 file_put_contents($filename, join(&#39;&#39;, $array))。
Copy after login


As you can see, data The parameter can be an array, which will be automatically join('',$array)converted into a string

When this function accesses the file, it follows the following rules:

  • If FILE_USE_INCLUDE_PATH is set, then the built-in path for a copy of *filename* will be checked

  • If the file does not exist, a file will be created

  • Open the file

  • If LOCK_EX is set, the file will be locked

  • If set FILE_APPEND, then it will be moved to the end of the file. Otherwise, the contents of the file will be cleared

  • Write data to the file

  • Close the file and unlock all files

  • If successful, this function returns the number of characters written to the file. On failure, False is returned.

But our string filtering function generally uses the preg_match function to filter, such as:


if(preg_match(&#39;/\</&#39;,$data)){
 die(&#39;hack&#39;);
}
Copy after login


We know that many functions that process strings will error and return NULL if an array is passed in, such as strcmp, strlen, md5, etc., but the preg_match function returns false when an error occurs. Here we can pass var_dump(preg_match('/ \</',$data)); To verify, in this case, the regular filtering of preg_match will be invalid

Therefore, I guess the file upload code is written like this


<?php 
 
if(isset($_POST[&#39;content&#39;]) && isset($_POST[&#39;ext&#39;])){
 $data = $_POST[&#39;content&#39;];
 $ext = $_POST[&#39;ext&#39;];
 
 //var_dump(preg_match(&#39;/\</&#39;,$data));
 if(preg_match(&#39;/\</&#39;,$data)){
  die(&#39;hack&#39;);
 }
 $filename = time();
 file_put_contents($filename.$ext, $data);
}
 
?>
Copy after login


So we can pass in content[]=<?php phpinfo();?>&ext=php This way To bypass

Fix method

The repair method is to use the fwrite function to replace the dangerous file_put_contents function. The fwrite function can only pass Enter a string. If it is an array, an error will occur and false will be returned.


<?php 
 
if(isset($_POST[&#39;content&#39;]) && isset($_POST[&#39;ext&#39;])){
 $data = $_POST[&#39;content&#39;];
 $ext = $_POST[&#39;ext&#39;];
 
 //var_dump(preg_match(&#39;/\</&#39;,$data));
 if(preg_match(&#39;/\</&#39;,$data)){
  die(&#39;hack&#39;);
 }
 $filename = time();
 // file_put_contents($filename.$ext, $data);
 $f = fopen($filename.$ext);
 var_dump(fwrite($f,$data));
}
 
?>
Copy after login


Related recommendations:

Detailed introduction and usage of file_put_contents function

How to use file_put_contents function in PHP

Detailed explanation of file_put_contents function in PHP


The above is the detailed content of Detailed explanation of file_put_contents function in PHP. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template