我正在提交的表单字段中使用“具有x”进行事后交易。我的.htaccess确保https:和www。我的重定向是将帖子更改为上述数据的获取。如果我做了几乎所有更改,都可以正确重定向该帖子。
我要寻找的是使其像测试2一样工作,换句话说,将其作为具有关联发布数据的发布事务转发。表单的内容可能影响重写的行为似乎很奇怪。任何想法都非常欢迎。谢谢!
编辑: 根据下面的公认答案,这是运行mod-security的主机,以防止sql注入攻击。我本可以要求他们将其关闭,但决定离开它,只需要在$ _SERVER ['REDIRECT-STATUS']中检查“ 403”,以响应一条适当的消息即可。
这是我的测试代码,我用/ test uri调用以获取表格。
<?php
$uri = $_SERVER['REQUEST_URI'];
if ($uri == '/test') {
?>
<html>
<head>
</head>
<body>
<form
name="testForm"
method="post"
action="/testpost">
<input type="text"
name="testName"
value="having x,"/>
<input type="submit" name="submit" id="submit" value="test" />
</form>
</body>
</html>
<?php
} elseif ($uri == '/testpost') {
echo '<pre>';
var_dump($_POST);
var_dump($_SERVER);
}
下面是测试,显示$ _POST数据和$ _SERVER的相关部分:
测试1具有x,
array(0) {
}
array(56) {
["CONTENT_TYPE"]=>
string(33) "application/x-www-form-urlencoded"
["CONTENT_LENGTH"]=>
string(2) "32"
["HTTP_USER_AGENT"]=>
string(120) "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36"
["HTTP_X_FORWARDED_PROTO"]=>
string(5) "https"
["HTTP_X_HTTPS"]=>
string(2) "on"
["REDIRECT_REDIRECT_HTTPS"]=>
string(2) "on"
["REDIRECT_REDIRECT_SERVER_PORT"]=>
string(3) "443"
["REDIRECT_REDIRECT_REQUEST_METHOD"]=>
string(4) "POST"
["REDIRECT_REDIRECT_STATUS"]=>
string(3) "403"
["REDIRECT_HTTPS"]=>
string(2) "on"
["REDIRECT_SERVER_PORT"]=>
string(3) "443"
["REDIRECT_STATUS"]=>
string(3) "403"
["HTTPS"]=>
string(2) "on"
["SERVER_PORT"]=>
string(3) "443"
["REQUEST_SCHEME"]=>
string(5) "https"
["CONTEXT_PREFIX"]=>
string(0) ""
["REMOTE_PORT"]=>
string(5) "39916"
["REDIRECT_URL"]=>
string(10) "/403.shtml"
["SERVER_PROTOCOL"]=>
string(8) "HTTP/1.1"
["REQUEST_METHOD"]=>
string(3) "GET"
["QUERY_STRING"]=>
string(0) ""
["REQUEST_URI"]=>
string(9) "/testpost"
["SCRIPT_NAME"]=>
string(10) "/index.php"
["PHP_SELF"]=>
string(10) "/index.php"
}
测试2个x,
在测试2中,注意具有havng的拼写错误
array(2) {
["testName"]=>
string(8) "havng x,"
["submit"]=>
string(4) "test"
}
array(51) {
["CONTENT_TYPE"]=>
string(33) "application/x-www-form-urlencoded"
["CONTENT_LENGTH"]=>
string(2) "31"
["HTTP_USER_AGENT"]=>
string(120) "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36"
["HTTP_X_FORWARDED_PROTO"]=>
string(5) "https"
["HTTP_X_HTTPS"]=>
string(2) "on"
["REDIRECT_HTTPS"]=>
string(2) "on"
["REDIRECT_SERVER_PORT"]=>
string(3) "443"
["REDIRECT_STATUS"]=>
string(3) "200"
["HTTPS"]=>
string(2) "on"
["SERVER_PORT"]=>
string(3) "443"
["REQUEST_SCHEME"]=>
string(5) "https"
["CONTEXT_PREFIX"]=>
string(0) ""
["REMOTE_PORT"]=>
string(5) "42046"
["REDIRECT_URL"]=>
string(9) "/testpost"
["SERVER_PROTOCOL"]=>
string(8) "HTTP/1.1"
["REQUEST_METHOD"]=>
string(4) "POST"
["QUERY_STRING"]=>
string(0) ""
["REQUEST_URI"]=>
string(9) "/testpost"
["SCRIPT_NAME"]=>
string(10) "/index.php"
["PHP_SELF"]=>
string(10) "/index.php"
}
它还可以与:
一起使用having x
having,
aving x,
having something else,
etc.
但不适用于
having something,
having somethingelse,
这是htaccess代码:
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ /index.php [NC,L]
答案 0 :(得分:1)
您的主机正在阻止having x
。它认为这是服务器上的SQL注入攻击。如果您希望他们允许,请与您的房东交谈。