通过HTTPS连接包含文件
[英]Including a file over a HTTPS connection
问题描述
Firstly, let me show you my code: 
首先,让我向您展示我的代码:
index.php 的index.php
<?php
$id = 123456;
include("https://secure.example.com/log.php");
?>
log.php log.php
<?php
echo $id;
?>
This simple code should, in theory, display 123456 on index.php , correct? 从理论上讲,这个简单的代码应该在index.php上显示123456,对吗? However, I get nothing. 但是,我什么也没得到。 I can only assume it's because I'm trying to include a file over a https connection, but is this actually the case? 我只能认为是因为我试图通过https连接包括文件,但实际上是这样吗? index.php is NOT on the secure server. index.php安全服务器上。
I have the following setting turned on in php.ini : 我在php.ini启用了以下设置:
allow_url_include = 1
allow_url_fopen = 1
Checking wrappers with the following code: 使用以下代码检查包装器:
var_dump(stream_get_wrappers());
Gives me an array showing https : 给我一个显示https的数组:
array(12) {
[0]=> string(5) "https"
[1]=> string(4) "ftps"
[2]=> string(13) "compress.zlib"
[3]=> string(14) "compress.bzip2"
[4]=> string(3) "php"
[5]=> string(4) "file"
[6]=> string(4) "glob"
[7]=> string(4) "data"
[8]=> string(4) "http"
[9]=> string(3) "ftp"
[10]=> string(4) "phar"
[11]=> string(3) "zip"
}
3 个解决方案
解决方案1
3 已采纳 2014-08-06 09:20:38
From the manual, always read the manual: 从手册中,请务必阅读手册:
If the target server interprets the target file as PHP code, variables may be passed to the included file using a URL request string as used with HTTP GET. 如果目标服务器将目标文件解释为PHP代码,则可以使用与HTTP GET一起使用的URL请求字符串将变量传递到包含的文件。 This is not strictly speaking the same thing as including the file and having it inherit the parent file's variable scope; 严格来讲,这与包括文件并让其继承父文件的变量作用域不同; the script is actually being run on the remote server and the result is then being included into the local script. 该脚本实际上是在远程服务器上运行的,然后将结果包含在本地脚本中。
解决方案2
2 2014-08-06 09:30:12
index.php 的index.php
<?php
$id = 123456;
include("https://secure.example.com/log.php");
?>
Either log. 无论是日志。 txt or log. txt或日志。 php using <?php echo '<'.'?php' echo $id; ?'.'>'; php使用<?php echo '<'.'?php' echo $id; ?'.'>'; <?php echo '<'.'?php' echo $id; ?'.'>'; like shown by scragar . 如scragar所示。
<?php
echo $id;
?>
The big problem here is, that you expose the sourecode of the file on https server - at least partially. 这里最大的问题是,您至少部分暴露了https服务器上文件的源代码。 You need to do this to be able to parse its contents remotely before the residing server does. 您需要执行此操作,以便能够在驻留服务器之前远程解析其内容。
What I suggest to do is a complete different approach. 我建议您采取一种完全不同的方法。
Connect to the https server using SSH . 使用SSH连接到https服务器。 This is a common and secure way to get data from a different server properly. 这是从另一台服务器正确获取数据的常用且安全的方法。 No risky configuration, no sourcecode exposed to the public. 没有危险的配置,没有公开的源代码。
Another alternative way is to implement a SOAP/REST or simple RPC, like you request the https server and it returns the result in json, which isn't risky, too. 另一种替代方法是实现SOAP / REST或简单的RPC,就像您请求https服务器一样,并且它在json中返回结果,这也没有风险。
解决方案3
0 2014-08-06 09:25:54
Try turning on some error reporting to see what actually happens: 尝试打开一些错误报告以查看实际发生的情况:
<?php
error_reporting (E_ALL);
ini_set ("display_errors", 1);
$id = 123456;
include("https://secure.example.com/log.php");
?>
EDIT: Yes, as I can see now, the real problem probably is that you are not including the source of the log.php but the output of it. 编辑:是的,正如我现在所看到的,真正的问题可能是您没有包括log.php的源代码,而是它的输出。 So there may be no errors to report. 因此,可能没有错误要报告。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.