我的表单里面为什么输入一个引号就提交超时,提交不上去,不是注入,是压根submit就超时-PHP Tutorial-php.cn

Table of Contents

回复讨论(解决方案)

Home

Backend Development

PHP Tutorial

我的表单里面为什么输入一个引号就提交超时,提交不上去,不是注入,是压根submit就超时

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 23, 2016 pm 01:44 PM

就这样一个表单, 提交半角的单引号, 或者双引号 ,就超时 .
apache2.24 ,php5.3.27

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="zh" xml:lang="zh"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>黑</title></head>  <body> 	<div>	<form name="input" action="" method="post">           <input maxlength="20" name="tbName">           <input type="submit" value="submit" /></form>	</div>	  </body></html>

Copy after login

回复讨论(解决方案)

你的action的内容呢

不?超?啊。
只是提交到本?而已。

<?phpif($_POST){	print_r($_POST);}?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="zh" xml:lang="zh"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>黑</title></head>  <body>      <div>    <form name="input" action="" method="post">           <input maxlength="20" name="tbName">           <input type="submit" value="submit" /></form>     </div>       </body></html>

Copy after login

你用什么浏览器测试的？多用几个浏览器试试看。

你的action的内容呢

故意没有填写，默认应该提交到本页吧。这是我的测试网站，输入引号提交不了：

http://www.getbook.cn/ImageEditor/4.htm?tbName=hjg

你用什么浏览器测试的？多用几个浏览器试试看。

ie ，谷歌都试过，这个是测试页面，你输入试试，我搭建2个apache都这样，windows2003系统，apache2.2.4

http://www.getbook.cn/ImageEditor/4.htm

php.ini 中打开错误提示功能看看。
display_errors = On

改完记得重启下Apache。

apache 下logs目录的 access.log
123.125.71.58 - - [01/Dec/2014:21:59:51 +0800] "GET /images/201307/goods_img/36_G_1372662894106.jpg HTTP/1.1" 200 30764
61.180.165.187 - - [01/Dec/2014:21:59:58 +0800] "GET /ImageEditor/4.htm HTTP/1.1" 304 -

error.log
[Mon Dec 01 21:59:39 2014] [notice] Apache/2.2.4 (Win32) PHP/5.3.27 configured -- resuming normal operations
[Mon Dec 01 21:59:39 2014] [notice] Server built: Jan 9 2007 23:17:20
[Mon Dec 01 21:59:39 2014] [notice] Parent: Created child process 4964
[Mon Dec 01 21:59:39 2014] [notice] Child 4964: Child process is running
[Mon Dec 01 21:59:39 2014] [notice] Child 4964: Acquired the start mutex.
[Mon Dec 01 21:59:39 2014] [notice] Child 4964: Starting 250 worker threads.
[Mon Dec 01 21:59:39 2014] [notice] Child 4964: Starting thread to listen on port 80.

你的代码真的只有主贴中那些吗？

打开错误提示功能，测试看页面有没有有报错。

代码就是贴出那些，你看这个测试页面，代码就是这样的啊，
http://www.getbook.cn/ImageEditor/4.htm
点提交会超时，但地址栏显示 http://www.getbook.cn/ImageEditor/4.htm?tbName=%27

这个服务器前面有防火墙，和防入侵的神马，会不会他们拦截了？

可能吧，你可以将防火墙和防入侵的神马关闭了试试看就知道了。

页面提交，你是怎么接收？

这个。。。。。我测试了一下没有超时。是不是已经改代码了？

好了，应该是服务器机房网络设备的事

测试没发现超时

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

R.E.P.O. Best Graphic Settings

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Assassin's Creed Shadows: Seashell Riddle Solution

2 weeks ago By DDD

R.E.P.O. How to Fix Audio if You Can't Hear Anyone

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

WWE 2K25: How To Unlock Everything In MyRise

4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7471

CakePHP Tutorial

1377

What is the format of the account name of steam

win11 activation key permanent

nyt connections hints and answers

Related knowledge

Working with Flash Session Data in Laravel Mar 12, 2025 pm 05:08 PM

Laravel simplifies handling temporary session data using its intuitive flash methods. This is perfect for displaying brief messages, alerts, or notifications within your application. Data persists only for the subsequent request by default: $request-

cURL in PHP: How to Use the PHP cURL Extension in REST APIs Mar 14, 2025 am 11:42 AM

The PHP Client URL (cURL) extension is a powerful tool for developers, enabling seamless interaction with remote servers and REST APIs. By leveraging libcurl, a well-respected multi-protocol file transfer library, PHP cURL facilitates efficient execution of various network protocols, including HTTP, HTTPS, and FTP. This extension offers granular control over HTTP requests, supports multiple concurrent operations, and provides built-in security features.

Alipay PHP SDK transfer error: How to solve the problem of 'Cannot declare class SignData'? Apr 01, 2025 am 07:21 AM

Alipay PHP...

Simplified HTTP Response Mocking in Laravel Tests Mar 12, 2025 pm 05:09 PM

Laravel provides concise HTTP response simulation syntax, simplifying HTTP interaction testing. This approach significantly reduces code redundancy while making your test simulation more intuitive. The basic implementation provides a variety of response type shortcuts: use Illuminate\Support\Facades\Http; Http::fake([ 'google.com' => 'Hello World', 'github.com' => ['foo' => 'bar'], 'forge.laravel.com' =>

12 Best PHP Chat Scripts on CodeCanyon Mar 13, 2025 pm 12:08 PM

Do you want to provide real-time, instant solutions to your customers' most pressing problems? Live chat lets you have real-time conversations with customers and resolve their problems instantly. It allows you to provide faster service to your custom

Explain the concept of late static binding in PHP. Mar 21, 2025 pm 01:33 PM

Article discusses late static binding (LSB) in PHP, introduced in PHP 5.3, allowing runtime resolution of static method calls for more flexible inheritance.Main issue: LSB vs. traditional polymorphism; LSB's practical applications and potential perfo

Framework Security Features: Protecting against vulnerabilities. Mar 28, 2025 pm 05:11 PM

Article discusses essential security features in frameworks to protect against vulnerabilities, including input validation, authentication, and regular updates.

Explain JSON Web Tokens (JWT) and their use case in PHP APIs. Apr 05, 2025 am 12:04 AM

JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,

See all articles