Special protocols in php, detailed explanation of php:// protocol

This article mainly introduces the special protocols in php, php:// protocol is explained in detail, interested friends can learn more.

php:// — Access each input/output stream (I/O streams)

Description

PHP provides some miscellaneous input/output (IO) streams, allowing access to PHP's input and output streams, standard input and output, and error descriptors, in-memory, and disk backup Temporary file streams and filters that can operate on other read and write file resources.

php://stdin, php://stdout and php://stderr

##, and are allowed direct interview The corresponding input or output stream of the PHP process. The data stream references the copied file descriptor, so if you open and then close it, Just turning off the copy, the actually referenced

STDIN is not affected. Note that PHP's behavior in this area was buggy until PHP 5.2.1. It is recommended that you simply use the constants STDIN, STDOUT and STDERR instead of manually opening these wrappers.

is read-only, and is write-only.

php://input

is a read-only stream that can access the requested raw data. In the case of POST requests, it is better to use instead of , as it does not rely on a specific directive. Moreover, in this case, there is no padding by default. Potentially requires less memory than activating always_populate_raw_post_data. enctype="multipart/form-data" is invalid.

Note: The opened data stream can only be read once; Data streams do not support seek operations. However, depending on the implementation of SAPI, when the request body data is saved, it can open another data stream and re-read it. Typically, this is only the case for POST requests, not other request methods such as PUT or PROPFIND.

##php://output

is a write-only data stream. Allows you to

print

the same way as echo Write to the output buffer.

php://fd

Allows direct access to the specified file descriptor. For example, references file descriptor 3.

php://memory and php://temp

and is a similar file A wrapper for data streams that allows reading and writing temporary data. The only difference between the two is that always stores data in memory, while will be deleted after the amount of memory reaches a predefined limit (the default is 2MB) is stored in a temporary file. The determination of the temporary file location is consistent with

sys_get_temp_dir()

.

The memory limit can be controlled by adding /maxmemory:NN. NN is the maximum amount of data retained in memory in bytes. If it exceeds, temporary files will be used.

php://filter

is a meta wrapper, Designed for filtering applications when a data stream is opened. This is useful for all-in-one file functions like readfile(), file() and file_get_contents(), There is no opportunity to apply additional filters before the data stream content is read.

The target uses the following parameters as part of its path. Composite filter chains can be specified on a path. For detailed use of these parameters, please refer to specific examples.

php://filter Parameters

Name	Description
resource=65f1762588797cc7d73b2de1d2ea6442	This parameter is required. It specifies the data stream you want to filter.
read=52c3f384ff5790890ce821c1bab772c1	This parameter is optional. You can set one or more filter names, separated by pipe characters (|).
write=ef34e844f4bce8cecd69e3dda39bc708	This parameter is optional. You can set one or more filter names, separated by pipe characters (|).
a3283853e6890ab963ef12d7dc0da257	Any filter list not prefixed with read= or write= will be applied to read or write= as appropriate Write chain.

Optional

##First of all, allow_url_includeOnly php://input, php://stdin, php://memory and php://temp. Allow readingOnly php://stdin, php://input, php://fd, php://memory and php:// temp. Allow writingOnly php://stdout, php://stderr, php://output, php://fd, php:// memory and php://temp. Allow appendingOnly php://stdout, php://stderr, php://output, php://fd, php://memory and php://temp (equal to writing)Allow simultaneous reading and writingOnly php://fd, php://memory and php:// temp. Supports Only php://memory and php://temp. Support NoSupport NoSupported NoSupported NoOnly supports php://stdin , php://stdout, php://stderr, php://fd and php://temp.

Update Log

Encapsulation protocol summary (for php://filter, refer to the filtered wrapper. )

Attributes	Supported
First followed by allow_url_fopen	No
stat()
unlink()
rename()
mkdir()
rmdir()
stream_select()

Version	Description
5.3.6	Added.
5.1.0	Added and .
5.0.0	Added.

##Example

##Example #1 php://temp/maxmemory

This optional option allows setting the maximum memory limit before starting to use temporary files.

<?php
// Set the limit to 5 MB.
$fiveMBs = 5 * 1024 * 1024;
$fp = fopen("php://temp/maxmemory:$fiveMBs", &#39;r+&#39;);

fputs($fp, "hello\n");

// Read what we have written.
rewind($fp);
echo stream_get_contents($fp);
?>

<br>##Example #2 php://filter/resource=65f1762588797cc7d73b2de1d2ea6442

This parameter must be located at the end of and points to the data stream that needs to be filtered.

<?php
/* 这简单等同于：  
readfile("http://www.example.com");  
实际上没有指定过滤器 
*/readfile("php://filter/resource= 
?>

Example #3 php://filter/read=839e3dc3db6bf6bf6b860c68d3dfd989

This parameter takes one or multiple filter names separated by pipe characters |.

<?php
/* 这会以大写字母输出 www.example.com 的全部内容 */
readfile
(
"php://filter/read=string.toupper/resource=http://www.example.com"
);
/* 这会和以上所做的一样，但还会用 ROT13 加密。 */
readfile
(
"php://filter/read=string.toupper|string.rot13/resource=http://www.example.com"
);
?>

<span style="color:rgb(0,0,0);"><span style="color:rgb(0,0,187);"></span></span><br>

##Example #4 php://filter/write=baa618a294ff893ec95c6e60d56e2455

This parameter takes one or is separated by the pipe character | Multiple filter names.

<?php
/* 这会通过 rot13 过滤器筛选出字符 "Hello World"
  然后写入当前目录下的 example.txt */
file_put_contents
(
"php://filter/write=string.rot13/resource=example.txt"
,
"Hello World"
);
?>

<span style="color:rgb(0,0,0);"><span style="color:rgb(0,0,187);"></span>##Related recommendations: </span><br>Http protocol post request parameters in PHP, php protocol post request_PHP tutorial

Http protocol post request parameters in PHP, php protocol post request

php post submission appears Input variables exceeded 1000

The above is the detailed content of Special protocols in php, detailed explanation of php:// protocol. For more information, please follow other related articles on the PHP Chinese website!