我在 CI 处理 $_GET 时遇到了问题,并找到了克服它的方法。
问题是,你能在这里看到任何安全问题吗?
我有我的网址,就像
/contacts
/company/info
我在 CodeIgniter 上的默认控制器称为index
$_GET只要我 遵循class/function/default_controller.
这两个 URL 的工作:
// class + function + default controller = ok
/class/function/index?var1=this&var2=that
// class + default controller = ok
/class/index?var1=this&var2=that
问题是我希望这些也能工作
// class without function nor default controller = NOT OK
/class?var1=this&var2=that
// class + function without default controller = NOT OK
/class/function?var1=this&var2=that
我的解决方案是在$_SERVER['REQUEST_URI'].
我不是正则表达式方面的专家,你能在这里看到可能的安全问题吗?
/*
|---------------------------------------------------------------
| MAKE CODEIGNITER BEHAVE ON _GETS!
|---------------------------------------------------------------
|
| CI doesn't like to play ball with /contacts?a=23 and fails on several ocasions
| This forces the first ? or & to be replaced by /index/ that is the default controller
|
*/
$_SERVER['REQUEST_URI'] = preg_replace('/\?|\&/', '/index/', $_SERVER['REQUEST_URI'], 1);
谢谢你。