namespace database\mysql;
use PDO;
use Exception;
class BackupMysql{
private $sqllinebreaker = " ;". PHP_EOL;
public function __construct($server, $dbname, $username, $password){
$this->_server = $server;
$this->_dbname = $dbname;
$this->_username = $username;
$this->_password = $password;
$this->_pdo = new PDO('mysql:host=' . $this->_server . ';dbname=' . $this->_dbname, $this->_username, $this->_password, [PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES'utf8';"]);
}
public function singleimport($sqlfile){
if (is_file($sqlfile)){
$return = array('number'=>0,"description"=>'');
try{
$content = file_get_contents($sqlfile);
$arr = explode($this->sqllinebreaker, $content);
foreach ($arr as $key=>$val){
$val = trim($val);
if ($val != ''){
$return[$key]['number'] = $this->_pdo->exec($val);
if($return[$key]['number']===false){
$return[$key]['error'] = $this->_pdo->errorInfo();
$return[$key]['sql'] = $val;
} catch (Exception $ex){
$return['description'] = $ex->getMessage();
return $return;
thinkinphp
function format_file_size($size, $unit='kb',$format=false) {
$p = 0;
if ($unit == 'kb') {
$p = 1;
} elseif ($unit == 'mb') {
$p = 2;
} elseif ($unit == 'gb') {
$p = 3;
$size /= pow(1024, $p);
return $format ? number_format($size, 3) : $size;
PHP 利用 curl 发送 post get del put patch 请求
因为需要在 php 开发中对接其它接口需要用 php curl 去对接其它接口 我把他们封装成函数 希望能对大家有所帮助。
这里面是封装好的会自动把 data 进行转成 json 格式,同时解码成 php 数组输出。
<?php function geturl($url){ $headerArray =array("Content-type:application/json;","Accept:application/json"); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($url,CURLOPT_HTTPHEADER,$headerArray); $output = curl_exec($ch); curl_close($ch); $output = json_decode($output,true); return $output; } function posturl($url,$data){ $data = json_encode($data); $headerArray =array("Content-type:application/json;charset='utf-8'","Accept:application/json"); $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,FALSE); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, $data); curl_setopt($curl,CURLOPT_HTTPHEADER,$headerArray); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $output = curl_exec($curl); curl_close($curl); return json_decode($output,true); } function puturl($url,$data){ $data = json_encode($data); $ch = curl_init(); //初始化CURL句柄 curl_setopt($ch, CURLOPT_URL, $url); //设置请求的URL curl_setopt ($ch, CURLOPT_HTTPHEADER, array('Content-type:application/json')); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); //设为TRUE把curl_exec()结果转化为字串,而不是直接输出 curl_setopt($ch, CURLOPT_CUSTOMREQUEST,"PUT"); //设置请求方式 curl_setopt($ch, CURLOPT_POSTFIELDS, $data);//设置提交的字符串 $output = curl_exec($ch); curl_close($ch); return json_decode($output,true); } function delurl($url,$data){ $data = json_encode($data); $ch = curl_init(); curl_setopt ($ch,CURLOPT_URL,$put_url); curl_setopt ($ch, CURLOPT_HTTPHEADER, array('Content-type:application/json')); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CUSTOMREQUEST, "DELETE"); curl_setopt($ch, CURLOPT_POSTFIELDS,$data); $output = curl_exec($ch); curl_close($ch); $output = json_decode($output,true); } function patchurl($url,$data){ $data = json_encode($data); $ch = curl_init(); curl_setopt ($ch,CURLOPT_URL,$url); curl_setopt ($ch, CURLOPT_HTTPHEADER, array('Content-type:application/json')); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CUSTOMREQUEST, "PATCH"); curl_setopt($ch, CURLOPT_POSTFIELDS,$data); //20170611修改接口,用/id的方式传递,直接写在url中了 $output = curl_exec($ch); curl_close($ch); $output = json_decode($output); return $output; } ?>
这很不安全!攻击者能用简短的代码攻破!
//无限循环脚本 var Vote = 0;//你的票。 setInterval(function(){ getVote(Vote); },2000);
怎样更安全?可以用 Cookies 记录下投票,这样攻击者还需清理 Cookies。
if(empty($_COOKIE["voted"])) { setcookie("voted","yes!",ime()+60*60*24*365); } else { die("您已经投过票!"); }
感谢您的支持,我会继续努力的!
支付宝扫一扫,即可进行扫码打赏哦
839PDO::exec
namespace database\mysql;
use PDO;
use Exception;
class BackupMysql{
private $sqllinebreaker = " ;". PHP_EOL;
public function __construct($server, $dbname, $username, $password){
$this->_server = $server;
$this->_dbname = $dbname;
$this->_username = $username;
$this->_password = $password;
$this->_pdo = new PDO('mysql:host=' . $this->_server . ';dbname=' . $this->_dbname, $this->_username, $this->_password, [PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES'utf8';"]);
}
public function singleimport($sqlfile){
if (is_file($sqlfile)){
$return = array('number'=>0,"description"=>'');
try{
$content = file_get_contents($sqlfile);
$arr = explode($this->sqllinebreaker, $content);
foreach ($arr as $key=>$val){
$val = trim($val);
if ($val != ''){
$return[$key]['number'] = $this->_pdo->exec($val);
if($return[$key]['number']===false){
$return[$key]['error'] = $this->_pdo->errorInfo();
$return[$key]['sql'] = $val;
}
}
}
} catch (Exception $ex){
$return['description'] = $ex->getMessage();
}
}
return $return;
}
}
625PHP 教程
thinkinphp
616PHP filesize() 函数
function format_file_size($size, $unit='kb',$format=false) {
$p = 0;
if ($unit == 'kb') {
$p = 1;
} elseif ($unit == 'mb') {
$p = 2;
} elseif ($unit == 'gb') {
$p = 3;
}
$size /= pow(1024, $p);
return $format ? number_format($size, 3) : $size;
}
601PHP cURL
PHP 利用 curl 发送 post get del put patch 请求
因为需要在 php 开发中对接其它接口需要用 php curl 去对接其它接口 我把他们封装成函数 希望能对大家有所帮助。
这里面是封装好的会自动把 data 进行转成 json 格式,同时解码成 php 数组输出。
<?php function geturl($url){ $headerArray =array("Content-type:application/json;","Accept:application/json"); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($url,CURLOPT_HTTPHEADER,$headerArray); $output = curl_exec($ch); curl_close($ch); $output = json_decode($output,true); return $output; } function posturl($url,$data){ $data = json_encode($data); $headerArray =array("Content-type:application/json;charset='utf-8'","Accept:application/json"); $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,FALSE); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, $data); curl_setopt($curl,CURLOPT_HTTPHEADER,$headerArray); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $output = curl_exec($curl); curl_close($curl); return json_decode($output,true); } function puturl($url,$data){ $data = json_encode($data); $ch = curl_init(); //初始化CURL句柄 curl_setopt($ch, CURLOPT_URL, $url); //设置请求的URL curl_setopt ($ch, CURLOPT_HTTPHEADER, array('Content-type:application/json')); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); //设为TRUE把curl_exec()结果转化为字串,而不是直接输出 curl_setopt($ch, CURLOPT_CUSTOMREQUEST,"PUT"); //设置请求方式 curl_setopt($ch, CURLOPT_POSTFIELDS, $data);//设置提交的字符串 $output = curl_exec($ch); curl_close($ch); return json_decode($output,true); } function delurl($url,$data){ $data = json_encode($data); $ch = curl_init(); curl_setopt ($ch,CURLOPT_URL,$put_url); curl_setopt ($ch, CURLOPT_HTTPHEADER, array('Content-type:application/json')); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CUSTOMREQUEST, "DELETE"); curl_setopt($ch, CURLOPT_POSTFIELDS,$data); $output = curl_exec($ch); curl_close($ch); $output = json_decode($output,true); } function patchurl($url,$data){ $data = json_encode($data); $ch = curl_init(); curl_setopt ($ch,CURLOPT_URL,$url); curl_setopt ($ch, CURLOPT_HTTPHEADER, array('Content-type:application/json')); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CUSTOMREQUEST, "PATCH"); curl_setopt($ch, CURLOPT_POSTFIELDS,$data); //20170611修改接口,用/id的方式传递,直接写在url中了 $output = curl_exec($ch); curl_close($ch); $output = json_decode($output); return $output; } ?>600AJAX 投票
这很不安全!攻击者能用简短的代码攻破!
//无限循环脚本 var Vote = 0;//你的票。 setInterval(function(){ getVote(Vote); },2000);怎样更安全?可以用 Cookies 记录下投票,这样攻击者还需清理 Cookies。
if(empty($_COOKIE["voted"])) { setcookie("voted","yes!",ime()+60*60*24*365); } else { die("您已经投过票!"); }