php - move_uploaded_file - 为什么这很重要？ [英] php - move_uploaded_file - why is it important?

问题描述

手册写道：

blockquote>

move_uploaded_file

这个函数检查文件$ ​​b $ b指定的文件是否是有效的上传文件通过PHP的HTTP
上传机制上传）。如果该文件是有效的，它将被移动到目的地给出的
文件名。

如果有任何机会
上传的文件所做的任何事情都可能将其内容泄露给
用户，甚至可能泄漏给同一系统上的其他用户。

你能写一个例子说明为什么这么重要吗？

解决方案

因为使用常规的文件系统函数可能会创建安全漏洞。如果你在你的程序中这样做：

  rename（$ source，$ destination）; 
  

，攻击者可以控制 $ source ，他们已经获得了重命名（或移动！ - rename 也可以跨文件夹移动文件）的能力，任何PHP进程都可以访问的文件。如果它们也可以影响 $ destination ，或者在它之后有某种获得文件内容的方式被移动，他们可以使用这个漏洞至少获得你的源代码的访问权限，这通常会揭示认证证书。不难想象会发生这种情况：如果您接受用户上传并通过网址访问，则此功能将已经内置到您的应用程序中。

一般来说，一个你必须考虑的安全问题; _uploaded_file 函数可以帮助你在成功之坑。

更新（材料来自评论）：现在处理文件上传（通过 $ _ FILES ）主要使得 move_uploaded_file code>在技术上是不必要的。但不要忘记：



• 技术上不必要的可能仍然是一个好主意：我们正在谈论安全，为什么不安全？ / li>
  
• move_uploaded_files 是在 $ _ FILES 甚至不存在的时候引入的，广泛使用 register_globals 是现实，而不是儿童的恐怖故事。

I cannot imagine why should I use this function instead of a simple rename.

The manual writes:

move_uploaded_file

This function checks to ensure that the file designated by filename is a valid upload file (meaning that it was uploaded via PHP's HTTP POST upload mechanism). If the file is valid, it will be moved to the filename given by destination.

This sort of check is especially important if there is any chance that anything done with uploaded files could reveal their contents to the user, or even to other users on the same system.

Can you please write an example why is this so important?

解决方案

Because using regular filesystem functions for this purpose might create security vulnerabilities. If you do this in your program:

rename($source, $destination);

and the attacker is able to control the value of $source, they have gained the capability to rename (or move! -- rename also moves files across directories) any file that your PHP process has access to.

If they can also influence $destination or if there is some way of gaining access to the contents of the file after it is moved they can use this vulnerability to gain access to your source code at the very least, which would usually reveal authentication credentials. And it's not difficult to imagine this happening: if you accept user uploads and make them accessible over a URL this functionality would be already built into your application.

In general, it's a security issue that you have to think about; the _uploaded_file functions are there to help you land in the pit of success.

Update (material pulled from comments):

Modern handling of file uploads (through $_FILES) has largely made move_uploaded_file technically unnecessary. But don't forget that:

• Technically unnecessary might still be a good idea: we are talking security, why not be extra safe?
• move_uploaded_files was introduced at a time where $_FILES did not even exist and widespread usage of register_globals was reality instead of a children horror story.

这篇关于php - move_uploaded_file - 为什么这很重要？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！