PHP有/无需要传递变量 [英] PHP include/require without passing variables
问题描述
是否有可能包括一些在PHP中的不传递传递给原始脚本的变量?
Is it possible to include something in PHP without passing the variables that were passed to the original script?
我使用Joomla和我正在记录错误<一href="http://stackoverflow.com/questions/8356683/joomla-error-illegal-variable-files-or-env-or-get-or-post-or-cookie-or-s">here (非法变量...)。 PHP脚本是将数据发送回浏览器的AJAX脚本,所以这个脚本需要大量的POST变量,做一个数据库查询,然后回声结果。我想加强安全性,所以我把这个脚本中包括验证用建造它的Joomla模块的用户。我从构思<一href="http://stackoverflow.com/questions/2445549/how-to-get-current-joomla-user-with-external-php-script">here用户验证脚本。
验证脚本可用于一些网页,但与其他人我得到上述错误。所以我想包括验证脚本不传递任何变量给它。这可能吗?
I am using Joomla, and I am getting the error documented here ("Illegal Variables ..."). The php script is an AJAX script that sends data back to the browser, so this script takes a lot of POST variables, does a database query, then echos the result. I am trying to tighten up security, so I put an include in this script to authenticate the user with the built it Joomla modules. I got the idea from here for the user authentication script.
The authentication script works for some pages, but with others I get the error mentioned above. So I want to include the authentication script without passing any variables to it. Is this possible?
编辑:这里是一个更详细一点
Here is a little more detail.
在AJAX脚本,我有这样的:
In the ajax script I have this:
<?php
include '/var/www/joomla-auth.php';
...
下面这里是剧本,基本上是的Joomla-auth.php包括脚本需要获得用户名和密码MySQL查询的照顾。的Joomla-auth的内容:
below here is the script, basically the "joomla-auth.php" included script takes care of getting the username and password for a mysql query. Contents of joomla-auth:
<?php
define( '_JEXEC', 1 );
define('JPATH_BASE', dirname(__FILE__));
define( 'DS', DIRECTORY_SEPARATOR );
require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );
/* Create the Application */
$mainframe =& JFactory::getApplication('site');
/* Make sure we are logged in at all. */
if (JFactory::getUser()->id == 0)
die("Access denied: login required.");
$user =& JFactory::getUser();
我是pretty的肯定就是定义或要求线条所引发错误:
I am pretty sure it is the define or require lines that is throwing the error:
非法变量_files或_env或_GET或_POST或 _COOKIE或_SERVER或_session或全局传递给脚本。
Illegal variable _files or _env or _get or _post or _cookie or _server or _session or globals passed to script.
如记录在上面的第一连杆。
As documented in the first link above.
编辑2:
在'的Joomla-auth.php'脚本对$的用户名和密码$变量,然后在AJAX脚本中使用。我想这在AJAX脚本的顶部:
The 'joomla-auth.php' script makes $username and $password variables which are then used in the AJAX script. I tried this at the top of the AJAX script:
function get_creds(){
include '/var/www/joomla-auth.php';
return Array($username,$password);
}
$creds = get_creds();
$username = $creds[0];
$password = $creds[1];
....
但仍是$ _ POST变量被传递到/var/www/joomla-auth.php: - (
But still the $_POST variables are being passed to /var/www/joomla-auth.php :-(
推荐答案
的Joomla引发此错误,如果你通过它在错误中提到的网址增值经销商之一(或用mod_rewrite):
Joomla throws this error if you're passing it one of the vars mentioned in your error to the url (or via mod_rewrite):
_files或_env或_GET或_POST或_COOKIE或_SERVER或_session
_files or _env or _get or _post or _cookie or _server or _session
此外,我认为,如果你传递一个整数值变量相同的错误被抛出,如:
Besides, I think the same error is thrown if you're passing a whole numeric variable, such as:
http://yoursite.com/?123456=abc
只要确保你没有传递任何这些瓦尔的网址。如果无法找到问题,尝试检查什么在请求中的错误被抛出前。
Just make sure you're not passing any of these vars in the url. If you can't find the problem, try to check what's in the request before the error is thrown.
我希望它帮助!
这篇关于PHP有/无需要传递变量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
