
===========================================================

LAB> 5.8 APM1 php .


-1.
2.
--

-CentOS apm1
php
--

-1.
2.
3.
4.
5.
6.
7.

-
php
(, ... )
php & DB (MySQL, Oracle, MS-SQL ...)
OWASP Top 10
php
DoS php

:
:

-- -1. CentOS apm1


- CentOS 5.8 apm1 .
: \apm\APM1
APM.txt .
2. webuser
# mkdir /etc/skel/public_html
# useradd webuser
# passwd webuser
# chmod o+x ~webuser
3. httpd.conf
- IP webuser .
- IP
- /usr/local/apache/htdocs .
# vi /usr/local/apache/conf/httpd.conf
-- /usr/local/apache/conf/httpd.conf -:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin boaniyagi@naver.com
DocumentRoot /home/webuser/public_html
ServerName 192.168.20.223
ErrorLog
logs/192.168.20.223-error_log
CustomLog
logs/192.168.20.223-access_log common
# Indexes .
# /home/webuser/public_html nobody read .
<Directory "/home/webuser/public_html">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
-- /usr/local/apache/conf/httpd.conf -# apachectl configtest

# apachectl restart
4. php webuser
- php /home/webuser/public_html .
: \\php\source
# chown -R webuser.webuser /home/webuser/public_html/source
5. editplus ftp
- http://editplus.co.kr .
-> FTP -> FTP ->
: centos5.8
FTP : 192.168.20.223
Username : webuser
Password : webuser's passwd
: public_html
:
: sftp
: 22
.
centos5.8
~ .
===========================================================
1. CGI .
2. .
3. .
===========================================================
# cd /usr/local/apache/cgi-bin
# chmod 755 *
# vi test.c
-- test.c -#include <stdio.h>
/*
 * Minimal CGI program: writes the CGI response header and then a one-line
 * HTML body to standard output, which is where the web server reads the
 * response from.
 */
int main(void)
{
    /* The empty line after Content-type ends the header block. */
    fputs("Content-type: text/html\n\n", stdout);
    fputs("<center> Hello cgi </center>", stdout);
    return 0;
}
-- test.c -# gcc -o test.cgi test.c
# ./test.cgi
-
http://192.168.20.223/cgi-bin/printenv
http://192.168.20.223/cgi-bin/test-cgi
http://192.168.20.223/cgi-bin/test.cgi
- /usr/local/apache/cgi-bin
cgi

cgi .
# vi ../conf/httpd.conf
-- ../conf/httpd.conf -:
DirectoryIndex index.html index.php index.cgi
:
<VirtualHost *:80>
#ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /home/webuser/public_html
ServerName 192.168.56.102
ErrorLog
logs/192.168.56.102-error_log
CustomLog
logs/192.168.56.102-access_log common
<Directory "/home/webuser/public_html">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
# ExecCGI cgi .
<Directory "/home/webuser/public_html/cgi">
Options ExecCGI
AddHandler cgi-script .cgi .pl
</Directory>
</VirtualHost>
-- ../conf/httpd.conf -# apachectl restart
$ cd public_html
$ mkdir cgi; cd cgi
$ vi index.c
-- index.c -#include <stdio.h>
/*
 * CGI index page: emits the Content-type header followed by a small HTML
 * document whose title and body text come from two fixed strings.
 */
int main(void)
{
    static const char title[] = "Welcome to my server!";
    static const char body[] = " <font color=red size=7>hello</font>";

    /* Header block first; the empty line separates it from the body. */
    fputs("Content-type: text/html\n\n", stdout);

    printf("<html>\n<head><title> %s </title></head>\n", title);
    fputs("<body>\n<center>\n", stdout);
    /*
     * Both strings are compile-time constants. Text taken from the request
     * would have to be HTML-escaped before being printed at this point.
     */
    printf(" %s \n", body);
    fputs("</center>\n</body>\n</html>", stdout);
    return 0;
}
-- index.c --

$ gcc -o index.cgi index.c


- .
$ ./index.cgi
:

:
- .
http://192.168.20.223/cgi/
-
cgi html
.
# telnet 192.168.56.102 80
Trying 192.168.56.102...
Connected to 192.168.56.102 (192.168.56.102).
Escape character is '^]'.
GET /cgi/ HTTP/1.0
HTTP/1.1 200 OK
Date: Tue, 07 Jul 2015 05:13:50 GMT
Server: Apache/1.3.41 (Unix) PHP/4.4.8
Connection: close
Content-Type: text/html
<html>
<head><title> Welcome to my server! </title></head>
<body>
<center>
<font color=red size=7>hello</font>
</center>
</body>
</html>
===========================================================
===========================================================
LAB> php
!! disable_functions
!! .
!! php .
# cp php.ini-dist /usr/local/php/lib/php.ini
# vi /usr/local/php/lib/php.ini
-- php.ini -:
:
disable_functions = system, shell_exec
:
:
-- php.ini -# apachectl restart
Warning: system() has been disabled for security reasons
in /home/webuser/public_html/source/chapter02/p98-shell-linux.php on line 11
===========================================================
- expose_php = On
# telnet 192.168.56.102 80
Trying 192.168.56.102...
Connected to 192.168.56.102 (192.168.56.102).
Escape character is '^]'.

GET / HTTP/1.0
HTTP/1.1 200 OK
Date: Tue, 07 Jul 2015 12:54:46 GMT
Server: Apache/1.3.41 (Unix) PHP/4.4.8
Connection: close
Content-Type: text/html
- expose_php = Off
# telnet 192.168.56.102 80
Trying 192.168.56.102...
Connected to 192.168.56.102 (192.168.56.102).
Escape character is '^]'.
GET / HTTP/1.0
HTTP/1.1 200 OK
Date: Tue, 07 Jul 2015 12:57:30 GMT
Server: Apache/1.3.41 (Unix)
===========================================================
LAB> form .
if(submit )
{
.
}else {
.
}
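<?
// Self-posting form: a request without the "submit" field shows the form,
// the POST that follows prints the two submitted values.
// The array key is quoted so PHP does not look it up as a constant first.
if(!isset($_POST['submit']))
{
?>
<TABLE border=1>
<TR>
<TD> .</TD>
</TR>
</TABLE>
<FORM METHOD="POST" STYLE="display:inline">
<TABLE border=1>
<TR>
<TD>name</TD>
<TD><INPUT TYPE="TEXT" NAME="name"></TD>
</TR>
<TR>
<TD>userid</TD>
<TD><INPUT TYPE="TEXT" NAME="userid"></TD>
</TR>
<TR>
<TD colspan=2><INPUT TYPE="SUBMIT"></TD>
</TR>
<input type=hidden name=submit value=1>
</TABLE>
</FORM>
<?
} else
{
// name and userid arrive straight from the client. They are HTML-escaped
// before being written into the page so that submitted markup is shown as
// text instead of being interpreted by the browser (reflected XSS).
// A field that is missing or is not a plain string is treated as empty.
$name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
$userid = (isset($_POST['userid']) && is_string($_POST['userid'])) ? $_POST['userid'] : '';
echo " " . htmlspecialchars($name, ENT_QUOTES) . "

" . htmlspecialchars($userid, ENT_QUOTES) . " ";
}
?>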
===========================================================
===========================================================
LAB> .
-- register.html -<html>
<head>
<title> </title>
</head>
<body>
<?
$method_value="post";
$action_value="registerok.html";
$table_cellpadding=8;
$table_width=500;
?>
<form method=<?=$method_value?>
action=<?=$action_value?>
onSubmit=check_form()>
<table align=center border=1
cellpadding=<?=$table_cellpadding?>
cellspacing=0
width=<?=$table_width?>>
<tr>
<td align=center> </td>
<td> <input type=text name=username size=30> </td>
</tr>
<tr>
<td align=center> </td>
<td> <input type=text name=userid size=30> </td>
</tr>
<tr>
<td align=center> </td>
<td> <input type=password name=userpw size=30> </td>
</tr>
<tr>
<td align=center> </td>
<td>
<select name=tel1>
<option value="02">02</option>
<option value="031">031</option>
<option value="032">032</option>
<option value="010" selected>010</option>
</select> <input type=text name=tel2 size=7> <input type=text name=tel3 size=7>
</td>
</tr>
<tr>
<td align=center> </td>
<td>
<input type=radio name=regpath value=>
<input type=radio name=regpath value=>
<input type=radio name=regpath value=>
<input type=radio name=regpath value=>

</td>
</tr>
<tr>
<td align=center> </td>
<td>
<input type=checkbox name=interest1 value=>
<input type=checkbox name=interest2 value=>
<input type=checkbox name=interest3 value=>
<input type=checkbox name=interest4 value=>
</td>
</tr>
<tr>
<td> </td>
<td>
<textarea name=memo rows=10 cols=50></textarea>
</td>
</tr>
<tr>
<td align=center colspan=2> <input type=submit value=> </td>
</tr>
</table>
</form>
</body>
</html>
-- register.html --- registerok.html -<?
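// Handler for the registration form: reads the POSTed fields and inserts
// one row into the member table.

$dbhost = "localhost";
$dbuser = "webuser";
$dbpass = "webuser1234";
$dbname = "webuser";

// Connect first: mysql_real_escape_string() needs an open link so that it
// escapes according to the connection's character set.
$dbconnect = @mysql_connect($dbhost, $dbuser, $dbpass) or die("DBMS ");
// Select the working database and stop if that fails, instead of sending
// the INSERT to whatever database happens to be current.
mysql_select_db($dbname, $dbconnect) or die("DB select failed");

// Returns one POST field as a string that is safe to place between single
// quotes in the SQL text below. A missing field (an unticked checkbox, for
// example) or a non-string value becomes the empty string.
function post_sql($name, $link)
{
    $value = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    // With magic_quotes_gpc enabled PHP has already added backslashes;
    // strip them so the value ends up escaped exactly once.
    if (get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return mysql_real_escape_string($value, $link);
}

// Every value below is client-controlled and goes into the SQL string, so
// each one is escaped; unescaped, a single quote in any field would let
// the submitter change the statement (SQL injection).
$username = post_sql('username', $dbconnect);
$userid = post_sql('userid', $dbconnect);
// NOTE(review): userpw is stored exactly as typed. Storing a salted hash
// instead would need a wider column than the varchar(20) the member table
// on this page defines.
$userpw = post_sql('userpw', $dbconnect);
$tel = post_sql('tel1', $dbconnect) . "-" . post_sql('tel2', $dbconnect) . "-" . post_sql('tel3', $dbconnect);
$regpath = post_sql('regpath', $dbconnect);
$interest1 = post_sql('interest1', $dbconnect);
$interest2 = post_sql('interest2', $dbconnect);
$interest3 = post_sql('interest3', $dbconnect);
$interest4 = post_sql('interest4', $dbconnect);
$memo = post_sql('memo', $dbconnect);
// REMOTE_ADDR is set by the web server, not the form; it is escaped anyway
// so that every value in the statement is handled the same way.
$ipaddr = mysql_real_escape_string($_SERVER['REMOTE_ADDR'], $dbconnect);

// The first value is the auto_increment key, left empty for MySQL to fill.
$query = "INSERT INTO member VALUES(
'',
'$username',
'$userid',
'$userpw',
'$tel',
'$regpath',
'$interest1',
'$interest2',
'$interest3',
'$interest4',
'$memo',
now(),
'$ipaddr'
)
";
// echo $query;
// Stop on failure so the confirmation script that follows this block is
// only sent when the row was actually stored.
mysql_query($query, $dbconnect) or die("INSERT failed");
?>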
<script language=javascript>
<!-alert(" ");
location.href = "register.html";
//-->
</script>
-- registerok.html --- DB DML -insert into values( , ... );
insert into (, ...) values( '', ... );
select * from ;
truncate ;
delete from ;
delete from WHERE no = 1;
-- DB DML --- DB -# /etc/init.d/mysqld stop
# rm -rf /usr/local/mysql/data
# mysql_install_db
# chown mysql.mysql /usr/local/mysql/data -R
# /etc/init.d/mysqld start
# mysqladmin -u root -p password 1234
password:
# mysql -h localhost -u root -p1234
mysql> quit
# vi ~/.my.cnf
<--
-- ~/.my.cnf --

<-<-<-<-<-<-<-<--

mysql
DB
DB
DB
mysql


[client]
host = localhost
user = root
password = 1234
-- ~/.my.cnf -# mysql
mysql> select user();
mysql> select host,user,password from mysql.user; <-- user table
mysql> delete from mysql.user where password = ''; <--
mysql> create database webuser; <-- webuser DB
mysql> show databases;
<-- DB
mysql> use webuser;
<-- webuser DB
mysql> \e
<--
create table member (
no int not null default 0 auto_increment,
username varchar(20) not null,
userid varchar(20) not null,
userpw varchar(20) not null,
call
varchar(20) not null,
regpath varchar(20),
interest1 varchar(10),
interest2 varchar(10),
interest3 varchar(10),
interest4 varchar(10),
memo text,
date datetime,
ipaddr varchar(15),
primary key (no)
)TYPE=MyISAM;
mysql> \e
-> ;
Query OK, 0 rows affected (0.00 sec)
mysql> show tables;
+-------------------+
| Tables_in_webuser |
+-------------------+
| member
|
+-------------------+
1 row in set (0.00 sec)
mysql> desc member;
+-----------+-------------+------+-----+---------+----------------+
| Field
| Type
| Null | Key | Default | Extra
|
+-----------+-------------+------+-----+---------+----------------+
| no
| int(11)
|
| PRI | NULL
| auto_increment |
| username | varchar(20) |
|
|
|
|
| userid
| varchar(20) |
|
|
|
|
| userpw
| varchar(20) |
|
|
|
|
| call
| varchar(20) |
|
|
|
|
| regpath | varchar(20) | YES |
| NULL
|
|
| interest1 | varchar(10) | YES |
| NULL
|
|
| interest2 | varchar(10) | YES |
| NULL
|
|
| interest3 | varchar(10) | YES |
| NULL
|
|
| interest4 | varchar(10) | YES |
| NULL
|
|
| memo
| text
| YES |
| NULL
|
|
| date
| datetime
| YES |
| NULL
|
|
| ipaddr
| varchar(15) | YES |
| NULL
|
|

+-----------+-------------+------+-----+---------+----------------+
13 rows in set (0.00 sec)
-- DB --
:
GRANT ALL privileges ON database.* TO ID@127.0.0.1 IDENTIFIED BY '';
o db
db user : webuser
db pass : webuser1234
database : webuser
mysql>
->
mysql>
mysql>
mysql>

GRANT ALL privileges ON webuser.* TO webuser@localhost


IDENTIFIED BY 'webuser1234';
select host,user,password from mysql.user;
select * from mysql.db;
quit

- webuser DB .
# mysql -u webuser -pwebuser1234 webuser
~~~~~~~~~~ ~~~~~~~~~~~~ ~~~~~~~

DB
- webuser .
mysql> select user();
<--
+-------------------+
| user()
|
+-------------------+
| webuser@localhost |
+-------------------+
1 row in set (0.00 sec)
mysql> select database(); <-- DB
+------------+
| database() |
+------------+
| webuser
|
+------------+
1 row in set (0.00 sec)
===========================================================
===========================================================
LAB> proxy tool GET / POST method
!!! POST !!!
http://paros.sourceforge.net -> paros
http://oracle.com -> jre(Java Runtime Environment)
- oracle .
JDK (Java Development Kit)
. JRE .
JRE (Java Runtime Environment)
.

1.
- Paros, JRE .
2. Paros
- localhost:8080
- 192.168.20.4:8080
3. proxy
- 127.0.0.1:8080
- 192.168.20.x:8080
4. POST
5. Paros trap request
6. HTTP
+------------------------+
+-------+ | +-------+ +-------+ |
|
| | |
| |
| |
| Client| | | Proxy | | Server| |
|
| | |
| |
| |
+-------+ | +-------+ +-------+ |
20.3
|
20.5
20.6
|
|
+------------------------+
|
windows 8 (20.5)
|
| 2 client
+-- proxy server : 20.5
| : http://192.168.20.6
|
| 3 client
+-- proxy server : 20.5
: http://192.168.20.7

+--------+
|
|
| Server |
|
|
+--------+
20.7

===========================================================
===========================================================
LAB> .
: LEVEL1
http://192.168.20.203/index.html
===========================================================
===========================================================
LAB> .
: LEVEL2
http://192.168.20.203/index2.html
===========================================================
===========================================================
LAB> .
: LEVEL3
http://192.168.20.203/index3.html
===========================================================
===========================================================
LAB> .
: LEVEL4
Hint : key .
http://192.168.20.203/index4.html
: ha??????????????? ^^*
===========================================================
===========================================================
LAB> .
!!! !!!

<!-- register.html -->


<html>
<head>
<title> </title>
</head>
<body>
<?
$method_value="post";
$action_value="registerok.html";
$table_cellpadding=8;
$table_width=500;
// <!-- -->
$cur_timestamp = mktime(); // timstamp
$end_timestamp = mktime(12,50,0,7,10,2015); // 12 50 timstamp
// echo "cur_timestamp : " . $cur_timestamp . "<br>";
// echo "end_timestamp : " . $end_timestamp . "<br>";
// .
if($cur_timestamp > $end_timestamp)
{
?>
<br>
<table align=center border=1
cellpadding=<?=$table_cellpadding?>
cellspacing=0
width=<?=$table_width?>>
<tr>
<td align=center>
!!!
</td>
</tr>
</table>
<?
exit;
}
?>
<!-- -->
<form method=<?=$method_value?>
action=<?=$action_value?>
onSubmit=check_form()>
<table align=center border=1
cellpadding=<?=$table_cellpadding?>
cellspacing=0
width=<?=$table_width?>>
<tr>
<td align=center> </td>
<td> <input type=text name=username size=30> </td>
</tr>
<tr>
<td align=center> </td>
<td> <input type=text name=userid size=30> </td>
</tr>
<tr>
<td align=center> </td>

</tr>
<tr>

<td> <input type=password name=userpw size=30> </td>

<td align=center> </td>


<td>
<select name=tel1>
<option value="02">02</option>
<option value="031">031</option>
<option value="032">032</option>
<option value="010" selected>010</option>
</select>
<input type=text name=tel2 size=7>
<input type=text name=tel3 size=7>
</td>
</tr>
<tr>
<td align=center> </td>
<td>
<input type=radio name=regpath value=>
<input type=radio name=regpath value=>
<input type=radio name=regpath value=>
<input type=radio name=regpath value=>
</td>
</tr>
<tr>
<td align=center> </td>
<td>
<input type=checkbox name=interest1 value=>
<input type=checkbox name=interest2 value=>
<input type=checkbox name=interest3 value=>
<input type=checkbox name=interest4 value=>
</td>
</tr>
<tr>
<td> </td>
<td>
<textarea name=memo rows=10 cols=50></textarea>
</td>
</tr>
<tr>
<td align=center colspan=2>
<input type=submit value=>
</td>
</tr>

</table>
</form>
</body>
</html>
===========================================================
===========================================================
LAB> .
!!! !!!
-- --

1.
2.
3.
4.
5.
6.
7.
--



html
form action

DB

--

1.
-- register.html -<html>
<head>
<title> </title>
</head>
<body>
<?
$cur_timestamp = mktime();
$end_timestamp = mktime(12,50,0,7,10,2015);
// echo "cur_timestamp : " . $cur_timestamp . "<br>";
// echo "end_timestamp : " . $end_timestamp . "<br>";
$method_value="post";
$action_value="registerok.html";
$table_cellpadding=8;
$table_width=500;
// $e 1 .
if($cur_timestamp > $end_timestamp)
{
$e = 1;
}
?>
<form method=<?=$method_value?>
action=<?=$action_value?>
onSubmit=check_form()>
<table align=center border=1
cellpadding=<?=$table_cellpadding?>
cellspacing=0
width=<?=$table_width?>>
<?
if($e==1)
{
?>
<tr>
<td align=center colspan=2> </td>
</tr>
<?
}
?>

<tr>
<td align=center> </td>
<td> <input <?if($e==1)echo "disabled"?> type=text name=username size=30
> </td>
</tr>
<tr>

<td align=center> </td>


<td> <input <?if($e==1)echo "disabled"?> type=text name=userid size=30>
</td>
</tr>
<tr>
<td align=center> </td>
<td> <input <?if($e==1)echo "disabled"?> type=password name=userpw size=
30> </td>
</tr>
<tr>
<td align=center> </td>
<td>
<select name=tel1 <?if($e==1)echo "disabled"?> >
<option value="02">02</option>
<option value="031">031</option>
<option value="032">032</option>
<option value="010" selected>010</option>
</select>
<input <?if($e==1)echo "disabled"?> type=text name=tel2 size=7>
<input <?if($e==1)echo "disabled"?> type=text name=tel3 size=7>
</td>
</tr>
<tr>
<td align=center> </td>
<td>
<input <?if($e==1)echo "disabled"?> type=radio name=regpath value=>
<input <?if($e==1)echo "disabled"?> type=radio name=regpath value=>
<input <?if($e==1)echo "disabled"?> type=radio name=regpath value=>
<input <?if($e==1)echo "disabled"?> type=radio name=regpath value=>
</td>
</tr>
<tr>
<td align=center> </td>
<td>
<input <?if($e==1)echo "disabled"?> type=checkbox name=interest1 valu
e=>
<input <?if($e==1)echo "disabled"?> type=checkbox name=interest2 value=>
<input <?if($e==1)echo "disabled"?> type=checkbox name=interest3 valu
e=>
<input <?if($e==1)echo "disabled"?> type=checkbox name=interest4 valu
e=>
</td>
</tr>
<tr>
<td> </td>
<td>
<textarea <?if($e==1)echo "disabled"?> name=memo rows=10 cols=50></textare
a>
</td>
</tr>
<tr>
<td align=center colspan=2>
<input <?if($e==1)echo "disabled"?> type=submit value=>
</td>
</tr>
</table>
</form>

</body>
</html>
-- register.html -2.
- html
3. html
- disabled .
4. form action
- form action registerok.html .
-
http://192.168.56.102/source/chapter03/register.html
|
v
http://192.168.56.102/source/chapter03/registerok.html
- form action
<form method=post
action=http://192.168.56.102/source/chapter03/registerok.html
:
:
5.
- .
6. DB
- DB .
7.
- registerok.html
.
-- registerok.html -<?
$cur_timestamp = mktime();
$end_timestamp = mktime(12,50,0,7,10,2015);
if($cur_timestamp > $end_timestamp)
{
echo " ";
exit;
}
:
:
-- registerok.html -==========================================================
==========================================================
LAB> php .
!!! . !!!
php
1.

-
# ln -s /usr/local/php/bin/* /usr/bin
# vi fwrite.php
-- fwrite.php -#!/usr/bin/php
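<?
// Command-line PHP example: opens /tmp/a.txt for writing (truncating any
// existing content), writes $string to it and closes the file.
// NOTE(review): the target is a fixed name in the shared /tmp directory
// and the lab runs the script from a root prompt. Another local user can
// create that name beforehand, so a directory only the script's user can
// write to is the safer place for such a file.
$handle = fopen("/tmp/a.txt", "w");
// fopen() returns false on failure; stop here rather than passing false
// on to fwrite() and fclose().
if(!$handle)
{
exit(1);
}
// $string = " PHP ";
$string = "";
fwrite($handle, $string);
fclose($handle);
?>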
-- fwrite.php -# chmod 755 fwrite.php
# rm -f /tmp/a.txt
# ./fwrite.php
# cat /tmp/a.txt

2.
- php
# php fwrite.php
==========================================================

http://php.net/manual/kr/features.file-upload.post-method.php
==========================================================
LAB>
: 4-27.php
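<form method=post
action="<?=htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)?>"
enctype=multipart/form-data>

<input type=file name=userfile>
<input type=submit value=>
</form>
<?
/*
 * Upload handler for the form above.
 *
 * Files are stored under /tmp/uploads, which is created on first use with
 * mode 0700. The original note mentions the nobody account here,
 * presumably the user the web server runs as; TODO confirm.
 *
 * PHP_SELF is HTML-escaped in the form's action attribute because the
 * request URL contributes to it.
 */
if(isset($_FILES['userfile']['tmp_name']))
{
$upload_dir = "/tmp/uploads/";
// basename() drops any directory part the client put into the file name,
// so the stored file cannot end up outside $upload_dir.
$upload_name = basename($_FILES['userfile']['name']);
$upload_file = $upload_dir . $upload_name;
if(!is_dir($upload_dir))
{
mkdir($upload_dir, 0700);
}

if (is_uploaded_file($_FILES['userfile']['tmp_name']))
{
// Extension filter. The name is lower-cased first so that "PHP" and
// "Php" are treated like "php" (the notes with this listing mention
// strcasecmp for the same reason), then split on "." with explode().
$ext = explode(".", strtolower($upload_name));
// html and php are server-interpreted types on this setup. kr is
// presumably blocked because it can act as a language suffix; the
// virtual host on this page enables MultiViews.
$blocked = array("html", "php", "kr");
$last = count($ext) - 1;
$reject = false;
for($i = 0; $i <= $last; $i++)
{
// The part before the first dot is the base name, not an extension,
// unless the name has no dot at all (the original check compared the
// whole name in that case, and that is kept).
if($i == 0 && $last > 0)
{
continue;
}
// Every extension is checked, not only the last one, because a web
// server can act on an inner extension of a name with several dots.
if(in_array($ext[$i], $blocked))
{
$reject = true;
break;
}
}
// NOTE(review): a block list cannot name every extension a server may
// execute. Accepting only the expected extensions is the stronger check,
// and the notes with this listing also name RemoveType as a
// server-side measure for the upload directory.
if($reject)
{
echo "<script language=JavaScript>
alert(' ');
history.go(-1);
</script>
";
exit;
}
// Move the file from PHP's temporary location to the upload directory.
move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_file);
echo $_FILES['userfile']['tmp_name']." .";
}
else {
echo $_FILES['userfile']['tmp_name']." .";
}
}
?>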

a.txt.gif.php
==========================================================
*** . ***
html
.

.
php
javascript

==========================================================
LAB> 11
... strcut .
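<?

$str = 'abcdef';
echo "'{$str}' : " . strlen($str) . "<BR>";
$str = ' ';
echo "'{$str}' : " . strlen($str) . "<BR>";

// Shortens a string for display.
// Returns $str unchanged when strlen() reports at most 10, otherwise the
// first 10 bytes followed by "...".
// NOTE(review): strlen() and substr() count bytes, so text in a multi-byte
// encoding can be cut in the middle of a character.
function strcut($str) {
    $length = strlen($str);
    if($length > 10)
    {
        $str = substr($str, 0, 10);
        $str .= "...";
    }
    return $str;
} // this closing brace was missing, leaving the function body open

$teststr = "0123456789ABCDEF";
$teststr2 = "01234567";
echo strcut($teststr); // 0123456789...
echo "<br>";
echo strcut($teststr2); // 01234567
?>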
==========================================================
==========================================================
-- 6-session_test.php -<?
session_start();
//$_SESSION['loginuser'] = "admin";
//$_SESSION['loginlevel'] = 1;
if(isset($_SESSION['loginuser']))
{
echo $_SESSION['loginuser'] . " ";
echo "<a href=logout.php> </a>";
} else {
echo " !";
}
?>
-- 6-session_test.php --- logout.php -<?
session_start();
session_destroy();
?>
<meta http-equiv=refresh content='0; url=6-session_test.php'>
-- logout.php -==========================================================

session
php session ?
session_start();
chapter06
|
+-- a.php
|
+-- b.php
o
-- a.php -a.php
-- a.php --- b.php -b.php
-- b.php -o
- Cookie ...
-- a.php -<?
session_start();
// (/tmp) .
// : sess_ (0byte)
?>
-- a.php --- b.php -<?
session_start();
session_destroy();
// (/tmp) .
?>
b.php
-- b.php -# ls /tmp
*****
*****
*****
*****

session_start() html 1
.
html session_start()
.

Warning: session_start() [function.session-start]:


Cannot send session cache limiter headers already sent (output started ...
ex1) 1
- a.php .
-- a.php -a.php
<?

session_start();
?>
-- a.php -ex2) 2
- 1 .
-- a.php -<?
session_start();
?>
a.php
-- a.php -o php.ini session .
# vi /usr/local/php/lib/php.ini
-- /usr/local/php/lib/php.ini -:
:
[Session]
-- /usr/local/php/lib/php.ini -o
-- a.php -<?
session_start();
$a = 1;
echo "a = " . $a . "<br>";
echo "b = " . $b . "<br>";
?>
a.php
-- a.php --- b.php -<?
session_start();
$b = 2;
echo "a = " . $a . "<br>";
echo "b = " . $b . "<br>";
?>
b.php
-- b.php --- a.php -a = 1
b =
a.php
-- b.php -a =
b = 2
b.php
o a.php b.php ( )
- : $_SESSION[''] = ;
-- -1. a.php , b.php

2. a.php
- a : O,
3. b.php
- a : O,
4. a.php
- a : O,
5.
-- --

b : X
b : O
b : O

-- a.php -<?
session_start();
$a = 1;
// a a .
// /tmp/ a .
$_SESSION['a'] = $a;
// b b .
$b = $_SESSION['b'];
echo "a = " . $a . "<br>";
echo "b = " . $b . "<br>";
?>
a.php
-- a.php --- b.php -<?
session_start();
$b = 2;
$_SESSION['b'] = $b;
$a = $_SESSION['a']; // a a .
echo "a = " . $a . "<br>";
echo "b = " . $b . "<br>";
?>
b.php
-- b.php - a .
# vi /tmp/sess_efd04215ba4dc2f0e8ab78faa72223f5
-- /tmp/sess_efd04215ba4dc2f0e8ab78faa72223f5 -a|i:10;b|i:2;
-- /tmp/sess_efd04215ba4dc2f0e8ab78faa72223f5 -b.php
-- -a = 10
b = 2
b.php
-- -a.php
- a.php a 1 a 1
.
-- -a = 1
b = 2
b.php
-- -# cat /tmp/sess_efd04215ba4dc2f0e8ab78faa72223f5
a|i:1;b|i:2;

1.
.
PHPSESSID=efd04215ba4dc2f0e8ab78faa72223f5
2. .
-- a.php -<?
session_start();
$a = 1;
$_SESSION['a'] = $a;
$b = $_SESSION['b'];
$_SESSION['userid'] = "admin";
echo "a = " . $a . "<br>";
echo "b = " . $b . "<br>";
if(isset($_SESSION['userid']))
{
echo $_SESSION['userid'] . " " . "<br>";
} else {
echo " ";
}
?>
a.php
-- a.php -a.php
# cat /tmp/sess_efd04215ba4dc2f0e8ab78faa72223f5
a|i:1;b|i:2;userid|s:5:"admin";
-> -> -> a.php
/tmp sess_232e636b528f617d86a0ed4a96c88884
.
# ls /tmp/
sess_efd04215ba4dc2f0e8ab78faa72223f5
sess_232e636b528f617d86a0ed4a96c88884
# cat sess_efd04215ba4dc2f0e8ab78faa72223f5
a|i:1;b|i:2;userid|s:5:"admin";
- admin user1 .
# vi sess_232e636b528f617d86a0ed4a96c88884
-- sess_232e636b528f617d86a0ed4a96c88884 -a|i:1;userid|s:5:"user1";
-- sess_232e636b528f617d86a0ed4a96c88884 -# cat sess_232e636b528f617d86a0ed4a96c88884
a|i:1;userid|s:5:"user1";
- a.php
-- a.php -<?
session_start();
$a = 1;
$_SESSION['a'] = $a;
$b = $_SESSION['b'];
// $_SESSION['userid'] = "admin";

echo "a = " . $a . "<br>";


echo "b = " . $b . "<br>";
if(isset($_SESSION['userid']))
{
echo $_SESSION['userid'] . " " . "<br>";
} else {
echo " ";
}
?>
a.php
-- a.php -o
.
1 : a.php
admin
2 : a.php
user1
o 2 admin .
# ls sess_*
sess_232e636b528f617d86a0ed4a96c88884
sess_efd04215ba4dc2f0e8ab78faa72223f5
# cat sess_232e636b528f617d86a0ed4a96c88884
a|i:1;userid|s:5:"user1";
# cat sess_efd04215ba4dc2f0e8ab78faa72223f5
a|i:1;b|i:2;userid|s:5:"admin";
1 : a.php
admin
2 : a.php
admin
*** , XSS
*** .
*** ?
*** admin
*** admin
*** .
- 1 (admin )
- admin session_destroy()
admin .
-- a.php -:
:
session_destroy();
?>
-- a.php -- 2 (user1 )
- user1 session_destroy()

admin .
admin user1 admin
.
-- a.php -:
:
// session_destroy();
?>
-- a.php -o
- admin/user1 .
- DB .
o
login.php
1. login.php
- userid userpw loginok.php .
-- - : post
URL : loginok.php
1 (userid) : userid
2 (userpw) : userpw

userid .
-- --- login.php -<?
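session_start();
// A visitor whose session has no userid gets the login form; a session
// that already carries userid gets the greeting and the logout link.
if(!isset($_SESSION['userid']))
{
?>
<form method=post action=loginok.php>
<table align=center border=1 cellpadding=5 cellspacing=0 width=250>
<tr>
<td align=center> id </td>
<td> <input type=text name=userid> </td>
</tr>
<tr>
<td align=center> pw </td>
<td> <input type=password name=userpw> </td>
</tr>
<tr>
<td align=center colspan=2>
<input type=submit value=>
</td>
</tr>
</table>
</form>
<?
} else {
// The stored userid is HTML-escaped on output so the page stays safe even
// if a later version stores a user-chosen name in the session.
?>
<table align=center border=1
cellpadding=5 cellspacing=0 width=250>

<tr>
<td align=center>
<?=htmlspecialchars($_SESSION['userid'], ENT_QUOTES)?> !!!
</td>
</tr>
<tr>
<td align=center colspan=2>
<a href=logout.php></a>
</td>
</tr>
</table>
<?
}
?>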
-- login.php -2. loginok.php
- .
-- -1 :
userid : user1, userpw : user1234
2 :
userid : admin, userpw : admin1234
- userid userpw
login.php .
$_SESSION['userid'] .
- userid userpw

login.php .
-- --- loginok.php -<?
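session_start();
// Fixed accounts for the lab; a real site would look the user up in the
// database and compare against a stored password hash.
$user1_id = "user1";
$user1_pw = "user1234";
$user2_id = "admin";
$user2_pw = "admin1234";

// Read the submitted fields defensively: a missing field or a non-string
// value (an array, for example) counts as empty and can never match.
$userid = (isset($_POST['userid']) && is_string($_POST['userid'])) ? $_POST['userid'] : '';
$userpw = (isset($_POST['userpw']) && is_string($_POST['userpw'])) ? $_POST['userpw'] : '';

// Strict comparison, so no type juggling takes part in the match.
$login_as = '';
if($user1_id === $userid && $user1_pw === $userpw)
{
$login_as = "user1";
}
else if($user2_id === $userid && $user2_pw === $userpw)
{
$login_as = "admin";
}

if($login_as === '')
{
// No account matched: report it and send the browser back to the form.
echo "<script language=JavaScript>
alert('id pw !');
history.go(-1);
</script>
";
exit;
}

// Give the session a new ID at the moment it becomes authenticated, so an
// ID that was known before the login is not carried over into the
// logged-in session.
session_regenerate_id();
$_SESSION['userid'] = $login_as;
?>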

<!-- login.php . -->


<meta http-equiv=refresh content='0; url=login.php'>
-- loginok.php -3. logout.php
- login.php .
-- logout.php -<?
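session_start();
// Empty the session array so nothing later in this request can read the
// old login state.
$_SESSION = array();
// Expire the session cookie in the browser too; session_destroy() on its
// own leaves the client sending the old PHPSESSID.
if(isset($_COOKIE[session_name()]))
{
setcookie(session_name(), '', time() - 42000, '/');
}
session_destroy(); // discard the server-side session data
?>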
<meta http-equiv=refresh content='0; url=login.php'>
-- logout.php --- --
# ls -l sess_232e636b528f617d86a0ed4a96c88884
-rw------- 1 nobody nobody 19 Jul 14 14:52 sess_232e636b528f617d86a0ed4a96c88884
# stat sess_232e636b528f617d86a0ed4a96c88884
:
:
Access: 2015-07-14 14:52:09.000000000 +0900 <-Modify: 2015-07-14 14:52:09.000000000 +0900 <-Change: 2015-07-14 14:52:09.000000000 +0900 <-# cat sess_232e636b528f617d86a0ed4a96c88884
userid|s:5:"admin";
-
-
.
# ls -l sess_232e636b528f617d86a0ed4a96c88884
-rw------- 1 nobody nobody 0 Jul 14 14:52 sess_232e636b528f617d86a0ed4a96c88884
# stat sess_232e636b528f617d86a0ed4a96c88884
:
:
Access: 2015-07-14 14:52:42.000000000 +0900 <--
Modify: 2015-07-14 14:52:42.000000000 +0900 <--
Change: 2015-07-14 14:52:42.000000000 +0900 <--
# ls -l sess_232e636b528f617d86a0ed4a96c88884
-rw------- 1 nobody nobody 0 Jul 14 14:52 sess_232e636b528f617d86a0ed4a96c88884
