Detailed explanation of filter protocol in PHP

小云云
Release: 2023-03-20 13:12:02
Original
4664 people have browsed it

This article mainly shares with you the detailed explanation of the filter protocol in PHP, hoping to help everyone.

php:// — 访问各个输入/输出流(I/O streams)php://input 是个可以访问请求的原始数据的只读流。 php://filter 是一种设计用来允许过滤器程序在打开时成为流的封装协议。这对于单独具有完整功能的文件函数非常有用,否则就没有机会在读取内容之前将过滤器应用于流之上。 该协议语法为:php://filter:/= 比如 php://filter:/resource=http://www.baidu.com
Copy after login

Use php://filter to obtain web page content:


        
Copy after login

Parameter list of php://filter

##Parameter Function read Read write Write resource Data source ##read parameter value can be

string.strip_tags: Clear all html tags in the data stream

string.toupper: Convert the content in the data stream to uppercase

string.tolower: Convert the content in the data stream to lowercase
convert. base64-encode: Convert the content in the data stream to base64 encoding convert.base64-decode: The corresponding decoding
above is a typical file inclusion vulnerability. We can view the code we want to see by constructing a statement containing the vulnerability: file=php://filter/convert.base64-encode/resource=index.php. Then decode the resulting base64 code.

The above is the detailed content of Detailed explanation of filter protocol in PHP. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!