3

当我运行此脚本时(http://bizonbytes.com/miscellaneous/sharrre.php?url=https://bizonbytes.com&type=googlePlus):

<?php
  //Sharrre by Julien Hany
  $json = array('url'=>'','count'=>0);
  $json['url'] = $_GET['url'];
  $url = urlencode($_GET['url']);
  $type = urlencode($_GET['type']);

  if(filter_var($_GET['url'], FILTER_VALIDATE_URL)){
    if($type == 'googlePlus'){  //source http://www.helmutgranda.com/2011/11/01/get-a-url-google-count-via-php/
      $content = parse("https://plusone.google.com/u/0/_/+1/fastbutton?url=".$url."&count=true");

      $dom = new DOMDocument;
      $dom->preserveWhiteSpace = false;
      @$dom->loadHTML($content);
      $domxpath = new DOMXPath($dom);
      $newDom = new DOMDocument;
      $newDom->formatOutput = true;

      $filtered = $domxpath->query("//div[@id='aggregateCount']");
      $json['count'] = str_replace('>', '', $filtered->item(0)->nodeValue);
    }
    else if($type == 'stumbleupon'){
      $content = parse("http://www.stumbleupon.com/services/1.01/badge.getinfo?url=$url");

      $result = json_decode($content);
      $json['count'] = $result->result->views;
      if( !isset($json['count']) ) $json['count'] = 0;
    }
    else if($type == 'pinterest'){
      $content = parse("http://api.pinterest.com/v1/urls/count.json?callback=&url=$url");

      $result = json_decode(str_replace(array('(', ')'), array('', ''), $content));
      $json['count'] = $result->count;
      if( !isset($json['count']) ) $json['count'] = 0;
    }
  }
  echo str_replace('\\/','/',json_encode($json));

  function parse($encUrl){
    $options = array(
      CURLOPT_RETURNTRANSFER => true, // return web page
      CURLOPT_HEADER => false, // don't return headers
      CURLOPT_FOLLOWLOCATION => true, // follow redirects
      CURLOPT_ENCODING => "", // handle all encodings
      CURLOPT_USERAGENT => 'sharrre', // who am i
      CURLOPT_AUTOREFERER => true, // set referer on redirect
      CURLOPT_CONNECTTIMEOUT => 5, // timeout on connect
      CURLOPT_TIMEOUT => 10, // timeout on response
      CURLOPT_MAXREDIRS => 3, // stop after 10 redirects
      CURLOPT_SSL_VERIFYHOST => 0,
      CURLOPT_SSL_VERIFYPEER => false,
    );
    $ch = curl_init();

    $options[CURLOPT_URL] = $encUrl;  
    curl_setopt_array($ch, $options);

    $content = curl_exec($ch);
    $err = curl_errno($ch);
    $errmsg = curl_error($ch);

    curl_close($ch);

    if ($errmsg != '' || $err != '') {
      /*print_r($errmsg);
      print_r($errmsg);*/
    }
    return $content;
  }
?>

我收到以下错误:

Warning: curl_setopt_array() [function.curl-setopt-array]: CURLOPT_FOLLOWLOCATION cannot be activated when safe_mode is enabled or an open_basedir is set in C:\Inetpub\vhosts\bizonbytes.com\httpdocs\miscellaneous\sharrre.php on line 56
{"url":"https://bizonbytes.com","count":""}

重要笔记

  • 我没有 PHP 经验我只需要运行这个脚本 (sharrre.php)
  • 我看过其他类似的案例,但可以找出问题所在。
  • 我已经打开 windows/php.ini 并确保 safe_mode = Off
  • 我注意到 open_basedir 是这样设置的;open_basedir =
  • 我需要在 open_basedir 中添加一些东西吗?
  • 这是有关已安装 php 版本的详细信息的链接。见http://bizonbytes.com/miscellaneous/test.php

感谢大家在这件事上的帮助

4

1 回答 1

10

请注意,这是一个安全警告。使用 cURL,网站可以将脚本重定向到类似的东西file:///etc/passwd并弄乱周围的东西。为了防止这种情况发生,只要设置了 open_basedir,cURL 就不会跟随位置。您必须手动关注它们,并手动检查所有关注的位置是否也安全。

php.net 上的这条评论实现了一个示例实现:

function curl_exec_follow(/*resource*/ $ch, /*int*/ &$maxredirect = null) {
    $mr = $maxredirect === null ? 5 : intval($maxredirect);
    if (ini_get('open_basedir') == '' && ini_get('safe_mode' == 'Off')) {
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, $mr > 0);
        curl_setopt($ch, CURLOPT_MAXREDIRS, $mr);
    } else {
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
        if ($mr > 0) {
            $newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);

            $rch = curl_copy_handle($ch);
            curl_setopt($rch, CURLOPT_HEADER, true);
            curl_setopt($rch, CURLOPT_NOBODY, true);
            curl_setopt($rch, CURLOPT_FORBID_REUSE, false);
            curl_setopt($rch, CURLOPT_RETURNTRANSFER, true);
            do {
                curl_setopt($rch, CURLOPT_URL, $newurl);
                $header = curl_exec($rch);
                if (curl_errno($rch)) {
                    $code = 0;
                } else {
                    $code = curl_getinfo($rch, CURLINFO_HTTP_CODE);
                    if ($code == 301 || $code == 302) {
                        preg_match('/Location:(.*?)\n/', $header, $matches);
                        $newurl = trim(array_pop($matches));
                    } else {
                        $code = 0;
                    }
                }
            } while ($code && --$mr);
            curl_close($rch);
            if (!$mr) {
                if ($maxredirect === null) {
                    trigger_error('Too many redirects. When following redirects, libcurl hit the maximum amount.', E_USER_WARNING);
                } else {
                    $maxredirect = 0;
                }
                return false;
            }
            curl_setopt($ch, CURLOPT_URL, $newurl);
        }
    }
    return curl_exec($ch);
} 
于 2012-05-31T14:42:27.790 回答