PHP _REQUEST 重定向?
我正在阅读一个脚本,但我一直坚持理解这一点:
$redirect = base64_decode($_REQUEST['redirect']);
header("Location:$redirect");exit;
因为 REQUEST 中的重定向变量没有在脚本中的任何地方定义。在此之前,已填写 POST 表单,但脚本中的任何位置都没有提及重定向变量,所以我很困惑它如何不为空...
编辑:
这是下面的表单代码。顺便说一句,就像我说的,“重定向”这个词没有出现在脚本中的任何地方,这让我感到困惑。
<form name="login" action="{$baseurl}/login" method="post">
{$lang12}
<input type="text" name="username" />
{$lang11}
<input type="password" name="password" />
<input type="submit" value="{$lang18}" />
<div class="test"><a href="{$baseurl}/signup"><b>{$lang30}</b></a> - <a href="{$baseurl}/password">{$lang19}</a></div>
<input type="hidden" name="authenticate" value="1" />
</form>
</div>
$lang 内容通常是数组中出现的单词,例如登录等。
I am reading a script but am stuck on understanding this:
$redirect = base64_decode($_REQUEST['redirect']);
header("Location:$redirect");exit;
because the redirect variable in REQUEST isn't defined anywhere in the script. Prior to this a POST form has been filled in, but there is NO mention of the redirect variable anywhere in the script so I am confused how it is not empty...
EDIT:
here's the form code below. btw like I said, the word 'redirect' doesn't appear ANYWHERE in the script, which is what is confusing me.
<form name="login" action="{$baseurl}/login" method="post">
{$lang12}
<input type="text" name="username" />
{$lang11}
<input type="password" name="password" />
<input type="submit" value="{$lang18}" />
<div class="test"><a href="{$baseurl}/signup"><b>{$lang30}</b></a> - <a href="{$baseurl}/password">{$lang19}</a></div>
<input type="hidden" name="authenticate" value="1" />
</form>
</div>
The $lang stuff is commonly appearing words from an array, e.g login, etc.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
我认为在没有看到实际代码的情况下不可能回答这个问题,但是 $_REQUEST 保存了
$_GET、$_POST和$_COOKIE中的所有变量。如果表单的方法设置为“post”并且其操作是带有 url 编码变量的 url,则表单实际上可以填充
$_GET和$_POST。因此,表单可能会将其所有数据发布到 url,然后将 get 变量添加到该 url 的末尾。例如:如果提交了该表单,则将定义以下内容:
$_POST['var2'], $_GET['var'], $_REQUEST['var2'], $_REQUEST['var']< /代码>。$_COOKIE也可以将隐藏变量放入 $_REQUEST 中。I don't think this is possible to answer for certain without seeing the actual code but $_REQUEST holds all the variables in
$_GET,$_POSTand$_COOKIE.A form can actually populate both
$_GETand$_POSTif its method is set to 'post' and its action is a url with url encoded variables. Thus the form might be posting all of its data to a url and then adding get variables to the end of that url. For example:If that form were submitted, the following would be defined:
$_POST['var2'], $_GET['var'], $_REQUEST['var2'], $_REQUEST['var'].$_COOKIEcould also be putting hidden variables in $_REQUEST.因此,如果您有
$_POST['redirect']、$_GET['redirect']或$_COOKIE['redirect'],< code>$_REQUEST['redirect'] 将被定义。尝试放置:找出它来自哪里。
So if you have
$_POST['redirect'],$_GET['redirect']or$_COOKIE['redirect'],$_REQUEST['redirect']will be defined. Try to put:To find out where it's coming from.
重定向变量很可能是cookie。如果您在表格中找不到它。
这将列出与 POST、GET 和 COOKIES 关联的所有输入变量。
it have so much possibility that the redirect variable is a cookies. if you cannot find it at the form.
that will list all your input variable associated with POST, GET and COOKIES.
如果不为空的话,它的内容是什么?
我觉得应该是这样的...
脚本里没有也没关系,可以通过GET来设置,
例如 /yourform.php?redirect=index.php
是否会导致不需要的重定向?
If it's not empty what's the content of it?
I think it should be something like this...
It doesn't matter that it's not in the script, you can set it via GET,
eg /yourform.php?redirect=index.php
Is it causing unwanted redirection?