PHP 5.2.x:当任何字段的值为“从anywords中删除anywords"时,$ _ POST为空? [英] PHP 5.2.x: $_POST is empty when any field has value of "drop anywords from anywords"?
问题描述
非常奇怪的错误!
当至少一个表单字段的值为"zeroOrMoreWords从oneOrMoreWords删除oneOrMoreWords"时,$ _ POST为空!只是为了向自己确认我并不疯,我在另一个使用PHP 5.2.11的网站上尝试了同样的事情,并且发生了同样的事情!
When at least 1 form field has value of "zeroOrMoreWords drop oneOrMoreWords from oneOrMoreWords", the $_POST comes empty! Just to confirm to myself I'm not crazy, I tried the same thing on another website that uses PHP 5.2.11 and happens the same thing!
我尝试过:
- PHP 5.2.8 = $ _POST为空.
- PHP 5.2.11 = $ _POST为空.
- PHP 5.2.14 =可以正常工作.
- PHP 5.3.5 =可以正常工作.
对此奇怪的事情有解释吗?
Any explanation to this weird thing?
这是一个著名网站上的实时示例: https://www.deviantart.com/users/login 尝试在用户名字段中插入从xxx中删除xxx",然后在密码字段中输入任何内容,表单将返回而不会显示任何错误!
Here's a live example on a famous website: https://www.deviantart.com/users/login try to insert "drop xxx from xxx" in username field, and type anything for password field, the form will come back without showing any errors!
推荐答案
类似apache * mod_security *之类的声音是活跃的.如果它认为是SQL注入或其他不好的东西,它将删除POST数据.
Sounds like apache *mod_security* or something similar is active. If it thinks something is SQL injection or something else that is bad, it will remove the POST data.
这篇关于PHP 5.2.x:当任何字段的值为“从anywords中删除anywords"时,$ _ POST为空?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!