PHPKonf Istanbul PHP Conference 2019 - Call for Papers

11选五湖北开奖结果:Using remote files

湖北十一选五官网 www.na503.cn As long as allow_url_fopen is enabled in php.ini, you can use HTTP and FTP URLs with most of the functions that take a filename as a parameter. In addition, URLs can be used with the include, include_once, require and require_once statements (since PHP 5.2.0, allow_url_include must be enabled for these). See Supported Protocols and Wrappers for more information about the protocols supported by PHP.

For example, you can use this to open a file on a remote web server, parse the output for the data you want, and then use that data in a database query, or simply to output it in a style matching the rest of your website.

Example #1 Getting the title of a remote page

<?php
$file 
fopen ("//www.example.com/""r");
if (!
$file) {
    echo 
"<p>Unable to open remote file.\n";
    exit;
}
while (!
feof ($file)) {
    
$line fgets ($file1024);
    
/* This only works if the title and its tags are on one line */
    
if (preg_match ("@\<title\>(.*)\</title\>@i"$line$out)) {
        
$title $out[1];
        break;
    }
}
fclose($file);
?>

You can also write to files on an FTP server (provided that you have connected as a user with the correct access rights). You can only create new files using this method; if you try to overwrite a file that already exists, the fopen() call will fail.

To connect as a user other than 'anonymous', you need to specify the username (and possibly password) within the URL, such as 'ftp://user:[email protected]/path/to/file'. (You can use the same sort of syntax to access files via HTTP when they require Basic authentication.)

Example #2 Storing data on a remote server

<?php
$file 
fopen ("ftp://ftp.example.com/incoming/outputfile""w");
if (!
$file) {
    echo 
"<p>Unable to open remote file for writing.\n";
    exit;
}
/* Write the data here. */
fwrite ($file$_SERVER['HTTP_USER_AGENT'] . "\n");
fclose ($file);
?>

Note:

You might get the idea from the example above that you can use this technique to write to a remote log file. Unfortunately that would not work because the fopen() call will fail if the remote file already exists. To do distributed logging like that, you should take a look at syslog().

add a note add a note

User Contributed Notes 3 notes

up
9
slva dot web dot sit at gmail dot com
5 years ago
If  allow_url_fopen is disabled in php.ini you can use CURL function for check file exist:

<?php
$ch
= curl_init("//www.example.com/favicon.ico");

curl_setopt($ch, CURLOPT_NOBODY, true);
curl_exec($ch);
$retcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
// $retcode >= 400 -> not found, $retcode = 200, found.
curl_close($ch);
?>
up
-17
kalidass dot jst at gmail dot com
3 years ago
public function get_url($request_url) {

$curl_handle = curl_init();
    curl_setopt($curl_handle, CURLOPT_URL, $request_url);
    curl_setopt($curl_handle, CURLOPT_CONNECTTIMEOUT, 0);
    curl_setopt($curl_handle, CURLOPT_TIMEOUT, 0);
    curl_setopt($curl_handle, CURLOPT_SSL_VERIFYPEER, FALSE); 
    curl_setopt($curl_handle, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
    curl_setopt($curl_handle, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, TRUE);
    $JsonResponse = curl_exec($curl_handle);
    $http_code = curl_getinfo($curl_handle);

  return($JsonResponse);
}
get_url("//www.example.com");
up
-61
heck at fas dot harvard dot edu
14 years ago
The previous post is part right, part wrong. It's part right because it's true that the php script will run on the remote server, if it's capable of interpreting php scripts. You can see this by creating this script on a remote machine:
<?php
echo system("hostname");
?>
Then include that in a php file on your local machine. When you view it in a browser, you'll see the hostname of the remote machine.

However, that does not mean there are no security worries here. Just try replacing the previous script with this one:
<?php
echo "<?php system(\"hostname\"); ?>";
?>
I'm guessing you can figure out what that's gonna do.

So yes, remote includes can be a major security problem.
To Top
  • 12306网站用户信息外泄?铁总深夜“辟谣” 2018-12-11
  • 第二届加强创新和社会管理案例理论论坛暨社会管理创新案例颁奖典礼 2018-12-10
  • 中国共产党第十九次全国代表大会 2018-12-10
  • 女性之声——全国妇联 2018-12-10
  • NBA总决赛4比0横扫骑士问鼎 4年夺3冠勇士王朝! 2018-12-09
  • 图解:关于中国梦,习近平总书记这十句话直抵人心 2018-12-09
  • 【十九大·理论新视野】动漫:“美丽中国”如何绘就 2018-12-09
  • 宁波制造分享俄罗斯世界杯经济蛋糕 2018-12-08
  • 为丰富百姓餐桌提供更多选择(打开对外开放新局面) 2018-12-08
  • 英媒:中国正引领无人智能设备革命 城市机器人或将崛起 2018-12-08
  • 强征钢铝税惹众怒,美国在G7财长会上被孤立 2018-12-07
  • 太原35397名考生参加中考体测 2018-12-07
  • 西藏昂仁县:保障群众健康生活 用健康扶贫助推精准扶贫 2018-12-07
  • 警惕打着“高科技”旗号的食品虚假宣传 2018-12-07
  • 不是“不尊重公投”,而是不尊重人类社会发展规律就是不尊重人类。 2018-12-06
  • 546| 440| 486| 262| 266| 49| 791| 341| 165| 458|