堆栈内存溢出
  简体   繁体   English

简单的html dom帮助从使用会话的外部网页中提取数据

[英]simple html dom help pulling data from external webpage which use session

 原文  2013-02-05 17:09:32       php/ session-cookies/ simple-html-dom

问题描述


I want to simply pull data from external url which use session. 我只想从使用会话的外部URL中提取数据。 I have a website with login. 我有一个登录的网站。 after login there is a page which includs on tables data. 登录后,会有一个包含表格数据的页面。 I want to pull these data from it. 我想从中提取这些数据。 Extracting data from this page is not a problem. 从该页面提取数据不是问题。 Real problem is its includes on session. 真正的问题是它包含在会话中。 When i try to retrieve data with an url then its show an blank page. 当我尝试使用url检索数据时,它显示空白页。 Nothing is showing. 什么都没显示。 It will be great help if this problem is resolved. 如果解决此问题,将提供很大的帮助。 Please someone tell me how can i resolve this session issue? 请有人告诉我如何解决此会话问题? Below is my code: 下面是我的代码:

$html = new simple_html_dom();<br> $html->load_file('http://example.com/portfolio/page=5');<br> foreach($html->find('body') as $e){ $array = $html->innertext;<br> echo $array;
}

1 个解决方案

解决方案1
 0  2013-02-05 17:19:52

If the session is used as a login or vital-information-storing variable, then it isn't possible to fake this. 如果将会话用作登录名或重要信息存储变量,则无法伪造该会话。

Session variables are not easily spoofed, and can't be sent this way. 会话变量不容易被欺骗,因此无法通过这种方式发送。 You would have to send $_GET variables which the code then uses to create/modify the session or display the data you need without the session. 您将必须发送$_GET变量,然后代码将使用该变量来创建/修改会话或显示无需会话的所需数据。 It's only really feasable if you have access to www.example.com for editing the code, where you could send params which bypass the session check. 仅当您有权访问www.example.com来编辑代码时,这才是切实可行的,您可以在其中发送绕过会话检查的参数。

This is not reccommended as this bypass could be found by others, and you'll have a huge vulnerability. 不建议这样做,因为其他人可能会发现这种旁路,您将面临巨大的漏洞。

If session variables were easily faked and passed from another page, we'd have many security risks. 如果会话变量很容易被伪造并从另一个页面传递,那么我们将面临很多安全风险。

If you are part of the same domain, then it is possible to start the session within the code of the calling page and have access that way... 如果您属于同一个域,则可以在调用页面的代码内启动会话并以这种方式进行访问...

EDIT: Unless the session is passed in the URL (bad practice, generally) it is not possible to pass session variables between domains. 编辑:除非在URL中传递会话(通常是错误的做法),否则无法在域之间传递会话变量。 See here. 这里

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 简单的HTML DOM帮助 - Simple HTML DOM help 使用简单HTML Dom库从网页获取值 - Getting values from webpage using Simple HTML Dom library 使用simple_html_DOM从网页显示div - displaying div from webpage with simple_html_DOM 使用简单的html dom从网页中提取值 - Extracting the value from webpage using simple html dom 在Codeigniter 3.0.1中自动加载并使用简单的HTML dom外部库 - Autoload and use simple HTML dom external librarie in Codeigniter 3.0.1 简单的Dom HTML发送会话 - Simple Dom Html send session 使用Simple HTML Dom从网站上收集数据 - Scraping data from a website with Simple HTML Dom 加载外部网页并添加自定义标题并使用网页中的数据 - load external webpage and add custom header and use the data from webpage 处理来自外部库的错误(simple_html_dom) - Handle errors from external library (simple_html_dom) 如何使用PHP Simple HTML DOM从$ _GET项目跟踪的远程页面获取数据? - How to use PHP Simple HTML DOM to get data from a remote page traced by a $_GET item?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM