Implementing flexigrid: problem with the AJAX response, the whole PHP file is returned

Posted on 2024-10-18 13:18:36, 4081 words, 4 views, 0 comments


I am trying to implement flexigrid.

Problem is that when flexigrid tries to send a POST (trying this example on my local LAMP setup)

POST example:

page=1&rp=10&sortname=id&sortorder=asc&query=&qtype=name

This works and is sent to post2.php, problem is the response from my local server. Here is the result from the example (provided above).

{
page: 1,
total: 240,
rows: [
{id:'1',cell:['1','AF','AFGHANISTAN','Afghanistan','AFG','4']},
{id:'2',cell:['2','AL','ALBANIA','Albania','ALB','8']},
{id:'3',cell:['3','DZ','ALGERIA','Algeria','DZA','12']},
{id:'4',cell:['4','AS','AMERICAN SAMOA','American Samoa','ASM','16']},
{id:'5',cell:['5','AD','ANDORRA','Andorra','AND','20']},
{id:'6',cell:['6','AO','ANGOLA','Angola','AGO','24']},
{id:'7',cell:['7','AI','ANGUILLA','Anguilla','AIA','660']},
{id:'8',cell:['8','AQ','ANTARCTICA','Antarctica','','']},
{id:'9',cell:['9','AG','ANTIGUA AND BARBUDA','Antigua and Barbuda','ATG','28']},
{id:'10',cell:['10','AR','ARGENTINA','Argentina','ARG','32']}]
}

This fills out the table and everything is good.

Here is the response I get from my server in full:
(using burp suite to analyze the request and responses)

HTTP/1.1 200 OK
Date: Mon, 21 Feb 2011 15:13:18 GMT
Server: Apache/2.2.14 (Win32) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l mod_autoindex_color PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Cache-Control: public
Expires: Mon, 21 Feb 2011 15:13:18 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 2287

<? 
error_reporting(0);
function runSQL($rsql) {
    $hostname = "localhost";
    $username = "removed..";
    $password = "removed..";
    $dbname   = "removed..";
    $connect = mysql_connect($hostname,$username,$password) or die ("Error: could not connect to database");
    $db = mysql_select_db($dbname);
    $result = mysql_query($rsql) or die ('test'); 
    return $result;
    mysql_close($connect);
}

function countRec($fname,$tname,$where) {
$sql = "SELECT count($fname) FROM $tname $where";
$result = runSQL($sql);
while ($row = mysql_fetch_array($result)) {
return $row[0];
}
}
$page = $_POST['page'];
$rp = $_POST['rp'];
$sortname = $_POST['sortname'];
$sortorder = $_POST['sortorder'];

if (!$sortname) $sortname = 'name';
if (!$sortorder) $sortorder = 'desc';
        if($_POST['query']!=''){
            $where = "WHERE `".$_POST['qtype']."` LIKE '%".$_POST['query']."%' ";
        } else {
            $where ='';
        }
        if($_POST['letter_pressed']!=''){
            $where = "WHERE `".$_POST['qtype']."` LIKE '".$_POST['letter_pressed']."%' ";   
        }
        if($_POST['letter_pressed']=='#'){
            $where = "WHERE `".$_POST['qtype']."` REGEXP '[[:digit:]]' ";
        }
$sort = "ORDER BY $sortname $sortorder";

if (!$page) $page = 1;
if (!$rp) $rp = 10;

$start = (($page-1) * $rp);

$limit = "LIMIT $start, $rp";

$sql = "SELECT id,iso,name,printable_name,iso3,numcode FROM country $where $sort $limit";
$result = runSQL($sql);

$total = countRec('iso','country',$where);

header("Expires: Mon, 26 Jul 1997 05:00:00 GMT" );
header("Last-Modified: " . gmdate( "D, d M Y H:i:s" ) . "GMT" );
header("Cache-Control: no-cache, must-revalidate" );
header("Pragma: no-cache" );
header("Content-type: text/x-json");
$json = "";
$json .= "{\n";
$json .= "page: $page,\n";
$json .= "total: $total,\n";
$json .= "rows: [";
$rc = false;
while ($row = mysql_fetch_array($result)) {
if ($rc) $json .= ",";
$json .= "\n{";
$json .= "id:'".$row['id']."',";
$json .= "cell:['".$row['id']."','".$row['iso']."'";
$json .= ",'".addslashes($row['name'])."'";
$json .= ",'".addslashes($row['printable_name'])."'";
$json .= ",'".addslashes($row['iso3'])."'";
$json .= ",'".addslashes($row['numcode'])."']";
$json .= "}";
$rc = true;
}
$json .= "]\n";
$json .= "}";
echo $json;
?>

Clearly the whole post2.php file is returned?! (With my mysql password and username!) And not the $json variable ... What is going on? PHP is server side, only the echo $json; at the end of the file should be seen. This freaked me out a little.. Big security flaw..

Comments (1)

忆沫 2024-10-25 13:18:36

Clearly, your server seems to not be configured to handle "<?" tags as php tags. Try replacing "<?" by "<?php". It should look better.
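
An added example, not part of the original post or answer: a Python check that flags PHP short open tags (the php.ini directive short_open_tag decides whether "<?" is parsed; when it is off the file is sent as plain text) and tests a captured response body for unparsed PHP source. All function names are hypothetical, and the sample body is constructed from the response shown in the question.

```python
import re
from pathlib import Path

# "<?" that is not "<?php", "<?xml" or "<?=" (heuristic, line based).
SHORT_TAG = re.compile(r"<\?(?!php\b|xml\b|=)", re.IGNORECASE)
# "<?=" is always parsed from PHP 5.4 on; older versions (such as the
# PHP/5.3.1 in the question's Server header) also need short_open_tag.
ECHO_TAG = re.compile(r"<\?=")
# An open tag followed by a PHP variable, still present in a response body.
LEAK = re.compile(r"<\?(?:php)?\s.*?\$[A-Za-z_]\w*", re.IGNORECASE | re.DOTALL)

# Constructed sample: a shortened copy of the leaked post2.php body.
SAMPLE_LEAKED_BODY = (
    "<? \n"
    "error_reporting(0);\n"
    "$page = $_POST['page'];\n"
    "echo $json;\n"
    "?>\n"
)

def find_short_tags(source, flag_echo_tag=False):
    """Return (line_number, stripped_line) for each line with a short open tag."""
    hits = []
    for number, line in enumerate(source.splitlines(), start=1):
        if SHORT_TAG.search(line) or (flag_echo_tag and ECHO_TAG.search(line)):
            hits.append((number, line.strip()))
    return hits

def scan_tree(root, flag_echo_tag=False):
    """Scan every *.php file under root; return {path: hits} for files with hits."""
    report = {}
    for path in sorted(Path(root).rglob("*.php")):
        hits = find_short_tags(path.read_text(errors="replace"), flag_echo_tag)
        if hits:
            report[str(path)] = hits
    return report

def body_leaks_php_source(body):
    """True when a response body still contains unparsed PHP source."""
    return bool(LEAK.search(body))

if __name__ == "__main__":
    print(find_short_tags(SAMPLE_LEAKED_BODY))        # file as served in the question
    print(find_short_tags(SAMPLE_LEAKED_BODY.replace("<? ", "<?php ", 1)))  # after the fix
    print(body_leaks_php_source(SAMPLE_LEAKED_BODY))  # what the proxy capture showed
```

Run scan_tree over the document root before deploying to a server whose short_open_tag setting you do not control; pass flag_echo_tag=True when the target runs a PHP version older than 5.4.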
