PHP GET variable array injection


Question

I've recently learned that it's possible to inject arrays into PHP GET variables to perform code execution?

.php?a[]=asd&a[]=asdasd&b[]=$a

That was the example I was given. I have no idea how it works and was wondering if this is even possible?

Recommended answer

PHP will parse the query string, and inject those values in the $_GET super-global array (same for $_POST if this was done in a form using POST, btw).

In your case, the $_GET array will contain this:

array
  'a' => 
    array
      0 => string 'asd' (length=3)
      1 => string 'asdasd' (length=6)
  'b' => 
    array
      0 => string '$a' (length=2)

Each value passed in the query string will be put by PHP in the $_GET array, creating sub-arrays if necessary, when there are [] used in the query string.

But this doesn't cause any kind of "code execution": as long as you deal with input properly (i.e. don't trust the input and use eval on it, or any kind of bad idea like this), there is no risk of code-injection.
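The parsing described in the answer, plus the type check that "dealing with input properly" implies, as an added example that is not part of the original answer. The helper names `get_string_param` and `get_string_list` are hypothetical, and `parse_str` stands in for the parsing PHP does when it fills `$_GET`.

```php
<?php
// Added example: get_string_param and get_string_list are hypothetical helpers.

// The query string from the question. Single quotes keep $a a literal in this file.
$query = 'a[]=asd&a[]=asdasd&b[]=$a';
parse_str($query, $get);   // fills $get using PHP's query-string parsing rules

// b[0] is just the two characters "$" and "a"; parsing never evaluates it.
var_dump($get);

/** Return a parameter only when it is a single string of acceptable length. */
function get_string_param(array $source, string $name, int $maxLen = 256): ?string
{
    $value = $source[$name] ?? null;
    // A client can always send name[]=..., so the value may be an array.
    if (!is_string($value) || strlen($value) > $maxLen) {
        return null;
    }
    return $value;
}

/** Return a parameter only when it is a flat list of strings (no nesting). */
function get_string_list(array $source, string $name, int $maxItems = 20): ?array
{
    $value = $source[$name] ?? null;
    if (!is_array($value) || count($value) > $maxItems) {
        return null;
    }
    foreach ($value as $item) {
        if (!is_string($item)) {
            return null;   // rejects a[][]=... style nesting
        }
    }
    return array_values($value);
}

// Code that expects a string must not be handed the array form of "a".
var_dump(get_string_param($get, 'a'));               // array sent where a string is expected
var_dump(get_string_list($get, 'a'));                // same input read as a list of strings
var_dump(get_string_param(['q' => 'hello'], 'q'));   // constructed sample input
```

The array form matters because functions that assume a string argument behave differently, or raise type errors, when handed an array, so checking the type at the point of input keeps that surprise out of later code.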
