{"id":37,"date":"2025-04-01T15:33:45","date_gmt":"2025-04-01T07:33:45","guid":{"rendered":"https:\/\/www.zhaozhao123.cn\/php\/?p=37"},"modified":"2025-04-01T15:33:45","modified_gmt":"2025-04-01T07:33:45","slug":"php%e5%a4%84%e7%90%86%e5%9b%be%e7%89%87%e6%96%87%e4%bb%b6%e5%90%8d%e6%97%b6%e5%b8%b8%e8%a7%81%e9%94%99%e8%af%af%e6%9c%89%e5%93%aa%e4%ba%9b%ef%bc%9f","status":"publish","type":"post","link":"https:\/\/www.zhaozhao123.cn\/php\/post\/37.html","title":{"rendered":"PHP\u5904\u7406\u56fe\u7247\u6587\u4ef6\u540d\u65f6\u5e38\u89c1\u9519\u8bef\u6709\u54ea\u4e9b\uff1f"},"content":{"rendered":"\n<p>\u5728PHP\u5904\u7406\u56fe\u7247\u6587\u4ef6\u540d\u65f6\uff0c\u5e38\u89c1\u7684\u9519\u8bef\u4e3b\u8981\u6d89\u53ca\u7f16\u7801\u89e3\u6790\u3001\u8def\u5f84\u5904\u7406\u3001\u5b89\u5168\u9a8c\u8bc1\u7b49\u73af\u8282\u3002\u4ee5\u4e0b\u662f\u5173\u952e\u95ee\u9898\u53ca\u89e3\u51b3\u65b9\u6848\u7684\u603b\u7ed3\uff1a<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u4e00\u3001\u7f16\u7801\u5904\u7406\u9519\u8bef<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u9519\u8bef\u4f7f\u7528\u89e3\u7801\u51fd\u6570<\/strong><br>\u4f7f\u7528<code>urldecode()<\/code>\u800c\u975e<code>rawurldecode()<\/code>\uff0c\u5bfc\u81f4<code>+<\/code>\u88ab\u9519\u8bef\u8f6c\u6362\u4e3a\u7a7a\u683c\uff08\u4f8b\u5982\u6587\u4ef6\u540d<code>file+name.jpg<\/code>\u88ab\u8bef\u89e3\u6790\u4e3a<code>file 
name.jpg<\/code>\uff09\u3002\u5e94\u59cb\u7ec8\u901a\u8fc7<code>rawurldecode()<\/code>\u5904\u7406\u767e\u5206\u6bd4\u7f16\u7801\uff0c\u4fdd\u7559\u539f\u59cb\u7b26\u53f7\u3002<\/li>\n\n\n\n<li><strong>\u672a\u5904\u7406\u591a\u6b21\u7f16\u7801<\/strong><br>\u82e5\u6587\u4ef6\u540d\u88ab\u591a\u6b21\u7f16\u7801\uff08\u5982<code>%2520<\/code>\u8868\u793a\u539f\u59cb\u5b57\u7b26<code>%20<\/code>\uff09\uff0c\u4ec5\u89e3\u7801\u4e00\u6b21\u4f1a\u5bfc\u81f4\u6b8b\u7559\u7f16\u7801\u5b57\u7b26\u3002可在有限次数内循环解码直至结果不再变化；注意常见写法<code>do { $decoded = rawurldecode($path); } while ($decoded !== $path);<\/code>从不更新<code>$path<\/code>，遇到任何含编码的输入都会死循环。更重要的是，所有安全校验（路径、扩展名）必须在完全解码后的结果上进行，否则攻击者可借多重编码绕过校验：<\/li>\n<\/ol>\n\n\n\n<pre class=\"wp-block-code\"><code>   $decoded = $path;\n   for ($i = 0; $i &lt; 3; $i++) {\n       $next = rawurldecode($decoded);\n       if ($next === $decoded) { break; }\n       $decoded = $next;\n   }\n   if (strpos($decoded, '%') !== false) { \/* 解码后仍含编码字符，视为可疑并拒绝该文件名 *\/ }<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u4e8c\u3001\u8def\u5f84\u89e3\u6790\u9519\u8bef<\/strong><\/p>\n\n\n\n<ol start=\"3\" class=\"wp-block-list\">\n<li><strong>\u672a\u5206\u79bbURL\u8def\u5f84\u4e0e\u53c2\u6570<\/strong><br>\u76f4\u63a5\u4ece\u5b8c\u6574URL\u63d0\u53d6\u6587\u4ef6\u540d\u65f6\uff0c\u672a\u7528<code>parse_url()<\/code>\u5206\u79bb\u8def\u5f84\u90e8\u5206\uff0c\u5bfc\u81f4\u67e5\u8be2\u53c2\u6570\uff08\u5982<code>?width=800<\/code>\uff09\u6df7\u5165\u6587\u4ef6\u540d\u3002正确方法（<code>parse_url()<\/code>对畸形URL会返回<code>false<\/code>，须先检查返回值）：<\/li>\n<\/ol>\n\n\n\n<pre class=\"wp-block-code\"><code>   $path = parse_url($url, PHP_URL_PATH);<\/code><\/pre>\n\n\n\n<ol start=\"4\" class=\"wp-block-list\">\n<li><strong>\u8def\u5f84\u904d\u5386\u6f0f\u6d1e<\/strong><br>\u82e5\u6587\u4ef6\u540d\u542b<code>..\/<\/code>\u7b49\u5b57\u7b26\uff0c\u76f4\u63a5\u62fc\u63a5\u8def\u5f84\u53ef\u80fd\u5bfc\u81f4\u76ee\u5f55\u7a7f\u8d8a\u653b\u51fb\u3002\u9700\u7528<code>basename()<\/code>\u8fc7\u6ee4\u5371\u9669\u5b57\u7b26\uff1a<\/li>\n<\/ol>\n\n\n\n<pre class=\"wp-block-code\"><code>   $safe_name = basename($decoded_path);  \/\/ \u8f93\u5165`\/..\/image.jpg` \u2192 \u8f93\u51fa`image.jpg`<\/code><\/pre>\n\n\n\n<p>注意：<code>basename()<\/code>只去掉目录部分，输入为<code>..<\/code>、<code>.<\/code>或空字符串时会原样返回，仍需显式拒绝这些结果；此外应拒绝含<code>\\0<\/code>或其他控制字符的文件名，并始终把结果拼接到固定的上传目录，而不是使用用户提供的任何目录部分。<\/p>\n\n\n\n<hr class=\"wp-block-separator 
has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u4e09\u3001\u5b89\u5168\u9a8c\u8bc1\u7f3a\u5931<\/strong><\/p>\n\n\n\n<ol start=\"5\" class=\"wp-block-list\">\n<li><strong>\u672a\u6821\u9a8c\u6587\u4ef6\u6269\u5c55\u540d<\/strong><br>\u672a\u901a\u8fc7\u767d\u540d\u5355\u9650\u5236\u6269\u5c55\u540d\uff08\u5982\u4ec5\u5141\u8bb8<code>jpg|png|gif<\/code>\uff09\uff0c\u53ef\u80fd\u5141\u8bb8\u4e0a\u4f20\u6076\u610f\u6587\u4ef6\u3002扩展名只是用户的声明，还应校验文件实际内容（魔数\/MIME），并对白名单使用严格比较。推荐校验逻辑：<\/li>\n<\/ol>\n\n\n\n<pre class=\"wp-block-code\"><code>   $allowed_ext = &#91;'jpg', 'png'];\n   $ext = pathinfo($filename, PATHINFO_EXTENSION);\n   if (!in_array(strtolower($ext), $allowed_ext, true)) { \/* \u629b\u51fa\u5f02\u5e38 *\/ }\n   \/\/ 扩展名不可信，还要校验实际内容；$tmp_path 为上传临时文件（$_FILES&#91;'file']&#91;'tmp_name']）\n   if (getimagesize($tmp_path) === false) { \/* 内容不是图片，抛出异常 *\/ }<\/code><\/pre>\n\n\n\n<ol start=\"6\" class=\"wp-block-list\">\n<li><strong>\u5ffd\u7565\u591a\u5b57\u8282\u6587\u4ef6\u540d\u4e71\u7801<\/strong><br>\u5904\u7406\u4e2d\u6587\u6216\u7279\u6b8a\u8bed\u8a00\u6587\u4ef6\u540d\u65f6\uff0c\u672a\u8bbe\u7f6e<code>mbstring.internal_encoding<\/code>\u6216\u672a\u4f7f\u7528<code>mb_convert_encoding()<\/code>\uff0c\u5bfc\u81f4\u4e71\u7801\u3002\u9700\u7edf\u4e00\u4f7f\u7528UTF-8\u7f16\u7801\u5904\u7406，并用<code>mb_check_encoding($name, 'UTF-8')<\/code>拒绝非法字节序列\u3002<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u56db\u3001\u51fd\u6570\u4f7f\u7528\u4e0d\u5f53<\/strong><\/p>\n\n\n\n<ol start=\"7\" class=\"wp-block-list\">\n<li><strong><code>pathinfo()<\/code>\u5206\u5272\u9519\u8bef<\/strong><br>当文件名含多个<code>.<\/code>（如<code>image.v1.2.jpg<\/code>）时，<code>pathinfo()<\/code>取的是最后一个<code>.<\/code>之后的部分，结果<code>jpg<\/code>本身是正确的；真正需要防范的是<code>shell.php.jpg<\/code>这类双扩展名（在 Apache <code>AddHandler<\/code> 等错误配置下中间的<code>.php<\/code>仍可能被执行），以及 Windows 下会被忽略的尾部<code>.<\/code>或空格。建议用锚定到结尾、扩展名为固定白名单的正则精准匹配；若业务不需要多段名称，可把<code>(.+)<\/code>改为<code>(&#91;^.]+)<\/code>直接拒绝双扩展名：<\/li>\n<\/ol>\n\n\n\n<pre class=\"wp-block-code\"><code>   if (!preg_match('\/^(.+)\\.(jpe?g|png|gif)$\/i', $filename, $matches)) { \/* \u629b\u51fa\u5f02\u5e38 *\/ }<\/code><\/pre>\n\n\n\n<ol start=\"8\" 
class=\"wp-block-list\">\n<li><strong>\u672a\u5904\u7406\u7279\u6b8a\u5b57\u7b26\u7a7a\u683c<\/strong><br>\u4eceURL\u63d0\u53d6\u6587\u4ef6\u540d\u65f6\uff0c\u672a\u8fd8\u539f\u7f16\u7801\u540e\u7684\u7a7a\u683c\uff08<code>%20<\/code>\uff09\uff0c\u5bfc\u81f4\u4fdd\u5b58\u7684\u6587\u4ef6\u540d\u5305\u542b<code>%20<\/code>\u800c\u975e\u5b9e\u9645\u7a7a\u683c\u3002\u9700\u786e\u4fdd\u5b8c\u5168\u89e3\u7801\u3002<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>\u4e94\u3001\u6700\u4f73\u5b9e\u8df5\u5efa\u8bae<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u7edf\u4e00\u7f16\u7801\u89c4\u8303<\/strong>\uff1a\u5168\u7a0b\u4f7f\u7528UTF-8\u7f16\u7801\uff0c\u907f\u514d\u591a\u5e73\u53f0\u517c\u5bb9\u6027\u95ee\u9898\u3002<\/li>\n\n\n\n<li><strong>\u9632\u5fa1\u6027\u7f16\u7a0b<\/strong>\uff1a\u5bf9\u7528\u6237\u8f93\u5165\u7684\u6587\u4ef6\u540d\u8fdb\u884c\u4e25\u683c\u8fc7\u6ee4\uff0c\u7981\u6b62\u975e\u5fc5\u8981\u7b26\u53f7\u3002<\/li>\n\n\n\n<li><strong>不信任用户文件名<\/strong>：落盘时改用服务端生成的随机文件名（如<code>bin2hex(random_bytes(16)) . '.' . $ext<\/code>），原始文件名只作为元数据记录，并拼接到固定的上传目录；上传目录应配置为禁止执行脚本。这样即使前面的校验被绕过，也不会因文件名导致路径穿越或代码执行。<\/li>\n\n\n\n<li><strong>\u65e5\u5fd7\u8bb0\u5f55<\/strong>\uff1a\u8bb0\u5f55\u6587\u4ef6\u64cd\u4f5c\u5f02\u5e38\uff0c\u4fbf\u4e8e\u8ffd\u8e2a\u95ee\u9898\u6e90\u5934\u3002<\/li>\n\n\n\n<li><strong>\u6d4b\u8bd5\u7528\u4f8b\u8986\u76d6<\/strong>\uff1a\u9488\u5bf9\u542b\u7279\u6b8a\u5b57\u7b26\u3001\u591a\u7f16\u7801\u5c42\u7ea7、<code>..\/<\/code>和双扩展名（如<code>shell.php.jpg<\/code>）\u7684\u6587\u4ef6\u540d\u8bbe\u8ba1\u6d4b\u8bd5\u7528\u4f8b\u3002<\/li>\n<\/ul>\n\n\n\n<p>\u901a\u8fc7\u7efc\u5408\u5904\u7406\u7f16\u7801\u3001\u8def\u5f84\u3001\u5b89\u5168\u7b49\u73af\u8282\uff0c\u53ef\u663e\u8457\u51cf\u5c11\u6587\u4ef6\u540d\u5904\u7406\u4e2d\u7684\u5e38\u89c1\u9519\u8bef\u3002<\/p>\n\n\n\n<p>\u7531\u5c0f\u827aAI\u751f\u6210<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u5728PHP\u5904\u7406\u56fe\u7247\u6587\u4ef6\u540d\u65f6\uff0c\u5e38\u89c1\u7684\u9519\u8bef\u4e3b\u8981\u6d89\u53ca\u7f16\u7801\u89e3\u6790\u3001\u8def\u5f84\u5904\u7406\u3001\u5b89\u5168\u9a8c\u8bc1\u7b49\u73af\u8282\u3002\u4ee5\u4e0b\u662f\u5173\u952e\u9
5ee\u9898\u53ca\u89e3\u51b3\u65b9\u6848\u7684\u603b\u7ed3\uff1a \u4e00\u3001\u7f16\u7801\u5904\u7406\u9519\u8bef \u4e8c\u3001\u8def\u5f84\u89e3\u6790\u9519\u8bef \u4e09\u3001\u5b89\u5168\u9a8c\u8bc1\u7f3a\u5931 \u56db\u3001\u51fd\u6570\u4f7f\u7528\u4e0d\u5f53 \u4e94\u3001\u6700\u4f73\u5b9e\u8df5\u5efa\u8bae \u901a\u8fc7\u7efc\u5408\u5904\u7406\u7f16\u7801\u3001\u8def\u5f84\u3001\u5b89\u5168\u7b49\u73af\u8282\uff0c\u53ef\u663e\u8457\u51cf\u5c11\u6587\u4ef6\u540d\u5904\u7406\u4e2d\u7684\u5e38\u89c1\u9519\u8bef\u3002 \u7531\u5c0f\u827aAI\u751f\u6210<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[28],"tuisongtax":[],"class_list":["post-37","post","type-post","status-publish","format-standard","hentry","category-jswz","tag-phptpwjmtq"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/posts\/37","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/comments?post=37"}],"version-history":[{"count":0,"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/posts\/37\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/media?parent=37"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/categories?post=37"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/tags?post=37"},{"taxonomy":"tuisongtax","embeddable":true,"href":"https:\/\/www.zhaozhao123.cn\/php\/wp-json\/wp\/v2\/tuisongtax?
post=37"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}