PHP curl trimmed 发送的数据
[英]Data sent with PHP curl trimmed
问题描述
I'm sending some key-value strings as post data with curl. I found that any semicolon is removed (according to target's request log).
我正在发送一些键值字符串作为 curl 的发布数据。我发现任何分号都被删除了(根据目标的请求日志)。 But just before I send the data, it still contain semicolon.但是就在我发送数据之前,它仍然包含分号。 Is there any input filtering in any curl operations below?下面任意curl操作有输入过滤吗?
function curlPostShellExec($data, $url)
{
$fields_string = '';
foreach($data as $key=>$value)
{
$fields_string .= $key.'='.$value.'&';
}
rtrim($fields_string, '&');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, count($data));
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
1 个解决方案
解决方案1
1 已采纳 2020-02-24 05:13:09
Replace your semi-colons with %3A用%3A替换你的分号
Alternatively you could use urlencode() or as unclexo suggests http_build_query()或者你可以使用urlencode()或者 unclexo 建议http_build_query()
urlencode will encode your strings for safely transmitting via CURL or GET. urlencode 将对您的字符串进行编码,以便通过 CURL 或 GET 安全传输。 And you can decode them on the otherside with urldecode你可以在另一边用urldecode解码它们
Eg.例如。
urlencode(rtrim($fields_string, '&'));
Or you can replace your entire foreach block with:或者您可以将整个 foreach 块替换为:
$fields_string = http_build_query($data);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.