PHP 5.2.x:当任何字段的值为“从anywords中删除anywords"时，$ _ POST为空? [英] PHP 5.2.x: $_POST is empty when any field has value of "drop anywords from anywords"?

问题描述

非常奇怪的错误！

当至少一个表单字段的值为"zeroOrMoreWords从oneOrMoreWords删除oneOrMoreWords"时，$ _ POST为空！只是为了向自己确认我并不疯，我在另一个使用PHP 5.2.11的网站上尝试了同样的事情，并且发生了同样的事情！

When at least 1 form field has value of "zeroOrMoreWords drop oneOrMoreWords from oneOrMoreWords", the $_POST comes empty! Just to confirm to myself I'm not crazy, I tried the same thing on another website that uses PHP 5.2.11 and happens the same thing!

我尝试过:

• PHP 5.2.8 = $ _POST为空.
• PHP 5.2.11 = $ _POST为空.
• PHP 5.2.14 =可以正常工作.
• PHP 5.3.5 =可以正常工作.

对此奇怪的事情有解释吗?

Any explanation to this weird thing?

这是一个著名网站上的实时示例: https://www.deviantart.com/users/login 尝试在用户名字段中插入从xxx中删除xxx"，然后在密码字段中输入任何内容，表单将返回而不会显示任何错误！

Here's a live example on a famous website: https://www.deviantart.com/users/login try to insert "drop xxx from xxx" in username field, and type anything for password field, the form will come back without showing any errors!

推荐答案

类似apache * mod_security *之类的声音是活跃的.如果它认为是SQL注入或其他不好的东西，它将删除POST数据.

Sounds like apache *mod_security* or something similar is active. If it thinks something is SQL injection or something else that is bad, it will remove the POST data.

这篇关于PHP 5.2.x:当任何字段的值为“从anywords中删除anywords"时，$ _ POST为空?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！