2019-2020-2 缃戠粶瀵规姉鎶€鏈?20175306鐜嬩匠鐑?Exp8 Web鍩虹
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了2019-2020-2 缃戠粶瀵规姉鎶€鏈?20175306鐜嬩匠鐑?Exp8 Web鍩虹相关的知识,希望对你有一定的参考价值。
鏍囩锛?a href='http://www.mamicode.com/so/1/center' title='center'>center star local sql娉ㄥ叆 value 娣峰悎 tle 閿欒 false
2019-2020-2 缃戠粶瀵规姉鎶€鏈?20175306鐜嬩匠鐑?Exp8 Web鍩虹
涓€銆佸師鐞嗕笌瀹炶返璇存槑
html
- 鑳芥甯稿畨瑁呫€佸惎鍋淎pache銆傜悊瑙TML锛岀悊瑙h〃鍗曪紝鐞嗚ВGET涓嶱OST鏂规硶,缂栧啓涓€涓惈鏈夎〃鍗曠殑HTML銆?/li>
- 鐞嗚ВJavaScript鐨勫熀鏈姛鑳斤紝鐞嗚ВDOM銆傜紪鍐橨avaScript楠岃瘉鐢ㄦ埛鍚嶃€佸瘑鐮佺殑瑙勫垯銆?/li>
- Web鍚庣锛氱紪鍐橮HP缃戦〉锛岃繛鎺ユ暟鎹簱锛岃繘琛岀敤鎴疯璇?/li>
- 鍔熻兘鎻忚堪锛氱敤鎴疯兘鐧婚檰锛岀櫥闄嗙敤鎴峰悕瀵嗙爜淇濆瓨鍦ㄦ暟鎹簱涓紝鐧婚檰鎴愬姛鏄剧ず娆㈣繋椤甸潰銆?/li>
浜屻€佸疄楠屽唴瀹?/h2>
浠诲姟涓€锛歐eb鍓嶇HTML
1銆乲ali榛樿宸插畨瑁匒pache锛岀洿鎺ヤ娇鐢?code>service apache2 start鍛戒护鎵撳紑Apache鏈嶅姟鍗冲彲銆傚鍥炬墍绀猴紝濡傛灉娌℃湁浠讳綍閿欒鎻愮ず锛屽嵆琛ㄦ槑鎴愬姛寮€鍚€?br>
2銆佹鏃跺湪娴忚鍣ㄨ緭鍏?code>127.0.0.1锛屽鏋滃彲浠ユ墦寮€Apache鐨勯粯璁ょ綉椤碉紝鍒欏紑鍚垚鍔燂細
3銆佷娇鐢?code>cd /var/www/html杩涘叆Apache鐩綍涓嬶紝鏂板缓涓€涓畝鍗曠殑鍚湁琛ㄥ崟鐨刪tml鏂囦欢simple_form.html锛屽唴瀹瑰涓嬶細
<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<h2 align="center">Login</h2>
<center>
<form action="login" method="post">
<input placeholder="E-mail" name="Name" class="user" type="email">
<br>
</br>
<input placeholder="Password" name="Password" class="pass" type="password">
<br>
</br>
<input type="submit" value="Login">
</form>
</center>
</body>
</html>
4銆佸湪娴忚鍣ㄤ腑杈撳叆/var/www/html/simple_form.html鎵撳紑缃戦〉濡備笅鎵€绀猴細
浠诲姟浜岋細Web鍓嶇锛歫avascipt
1銆佸湪鍘熸湁simple_form.html鍩虹涓婏紝鍙互娣诲姞涓€娈礘avaScript浠g爜锛屼互瀹屾垚瀵圭敤鎴锋槸鍚﹀~鍐欓偖绠卞拰瀵嗙爜鐨勫垽鏂€備慨鏀瑰悗鐨?code>login_test.html濡備笅鎵€绀猴細
<html>
<head>
<title>CryptoTeam</title>
<!-- Meta tag Keywords -->
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<!-- Meta tag Keywords -->
</head>
<body>
<!-- main -->
<!--//header-->
<h2>Login Quick</h2>
<form action="login" method="post" name="form_login">
<input placeholder="E-mail" name="Email" class="user" type="email" onfocus="if (this.value==鈥榊our email鈥? this.value=鈥樷€?" />
<br>
</br>
<input placeholder="Password" name="Password" class="pass" type="password" onfocus="if (this.value==鈥榊our password鈥? this.value=鈥樷€?"/>
<br>
</br>
<input type="submit" value="Login" onClick="return validateLogin()"/>
</form>
<!--//main-->
<script language="javascript">
function validateLogin(){
var sUserName = document.form_login.Email.value ;
var sPassword = document.form_login.Password.value ;
if ((sUserName =="") || (sUserName=="Your email")){
alert("user email!");
return false ;
}
if ((sPassword =="") || (sPassword=="Your password")){
alert("password!");
return false ;
}
}
</script>
</body>
</html>
2銆佸湪娴忚鍣ㄨ闂?code>/var/www/html/login_test.html锛屽鏋滅敤鎴烽偖绠辨垨瀵嗙爜鏈~鍐欏氨鎻愪氦锛岀綉椤典細鍑虹幇浠ヤ笅鎻愮ず锛?br>
浠诲姟涓夛細Web鍚庣锛歁ySQL鍩虹
1銆佽緭鍏?code>/etc/init.d/mysql start寮€鍚疢ySQL鏈嶅姟锛?br>
2銆佽緭鍏?code>mysql -u root -p浣跨敤root鏉冮檺杩涘叆锛岄粯璁ょ殑瀵嗙爜鏄痯assword锛?br>
3銆佺敤show databases;鏌ョ湅鏁版嵁搴撳熀鏈俊鎭?
4銆佽緭鍏?code>use mysql;閫夋嫨浣跨敤mysql杩欎釜鏁版嵁搴?br>
5銆佽緭鍏?code>select user, password, host from user;鏌ョ湅褰撳墠鐢ㄦ埛淇℃伅:
6銆佽緭鍏?code>update user set password=PASSWORD("5306") where user=鈥榬oot鈥?锛屼慨鏀瑰瘑鐮侊紱
7銆佽緭鍏?code>flush privileges;锛屾洿鏂版潈闄愶細
8銆佽緭鍏?code>exit閫€鍑烘暟鎹簱锛屼娇鐢ㄦ柊鐨勫瘑鐮佺櫥褰曪細
9銆佷娇鐢?code>create database wjs;寤虹珛鏁版嵁搴?
10銆佷娇鐢?code>show databases;鏌ョ湅瀛樺湪鐨勬暟鎹簱锛?br>
11銆佷娇鐢?code>use wjs;浣跨敤鎴戜滑鍒涘缓鐨勬暟鎹簱锛?br>
12銆佷娇鐢?code>create table 琛ㄥ悕 (瀛楁璁惧畾鍒楄〃);寤虹珛鏁版嵁搴撹〃锛屽苟璁剧疆瀛楁鍩烘湰淇℃伅锛?/p>
- 杩欓噷浣跨敤鐨勬槸varchar绫诲瀷鑰岄潪char绫诲瀷锛屼粬浠殑宸埆濡備笅锛?
- char绫诲瀷鎸囧畾澶у皬鍚庝細棰勫垎閰嶅浐瀹氬ぇ灏忥紝涓嶇鏄惁浣跨敤绌洪棿閮借鍗犵敤
- varchar绫诲瀷鐢ㄥ灏戝崰澶氬皯锛屽彧鏄笉鑳借秴杩囨嫭鍙蜂腑鎸囧畾鐨勪笂闄?br>
13銆佷娇鐢?code>show tables;鏌ョ湅琛ㄤ俊鎭細
14銆佷娇鐢?code>insert into 琛ㄥ悕 values(鈥樺€?鈥?鈥樺€?鈥?鈥樺€?鈥?..);鎻掑叆鏁版嵁锛?br>
15銆佷娇鐢?code>select * from 琛ㄥ悕;鏌ヨ琛ㄤ腑鐨勬暟鎹細
16銆佸湪MySQL涓鍔犳柊鐢ㄦ埛锛屼娇鐢?code>grant select,insert,update,delete on 鏁版嵁搴?* to 鐢ㄦ埛鍚岪鐧诲綍涓绘満(鍙互鏄痩ocalhost,涔熷彲浠ユ槸杩滅▼鐧诲綍鏂瑰紡鐨処P) identified by "瀵嗙爜";鎸囦护锛岃繖鍙ヨ瘽鐨勬剰鎬濇槸灏嗗鏌愭暟鎹簱鐨勬墍鏈夎〃鐨剆elect,insert,update,delete鏉冮檺鎺堜簣鏌恑p鐧诲綍鐨勬煇鐢ㄦ埛锛?br>
17銆佸鍔犳柊鐢ㄦ埛鍚?code>exit閫€鍑猴紝鐒跺悗浣跨敤鏂扮殑鐢ㄦ埛鍚嶅拰瀵嗙爜杩涜鐧诲綍锛?br>
鐧诲綍鎴愬姛锛岃鏄庢垚鍔熷鍔犳柊鐢ㄦ埛銆?/p>
浠诲姟鍥涳細Web鍚庣锛氱紪鍐橮HP缃戦〉
1銆佸湪/var/www/html鐩綍涓嬫柊寤轰竴涓狿HP娴嬭瘯鏂囦欢phptest.php锛岀畝鍗曚簡瑙d竴涓嬪畠鐨勪竴浜涜娉?
<?php
echo ($_GET["a"]);
include($_GET["a"]);
echo "Hello word! This is my php test page!<br>";
?>
2銆佸湪娴忚鍣ㄧ綉鍧€鏍忎腑杈撳叆localhost:80/phptest.php锛屽彲鐪嬪埌鏂囦欢鐨勫唴瀹?
涔熷彲浠ュ湪娴忚鍣ㄧ綉鍧€鏍忎腑杈撳叆localhost:80/phptest.php?a=/etc/passwd锛屽彲鐪嬪埌/etc/passwd鏂囦欢鐨勫唴瀹?
3銆佸埄鐢≒HP鍜孧ySQL锛岀粨鍚堜箣鍓嶇紪鍐欑殑鐧诲綍缃戦〉杩涜鐧诲綍韬唤璁よ瘉锛屼慨鏀瑰悗鐨?code>login.php浠g爜濡備笅锛?/p>
<?php
$uname=$_POST["Email"];
$pwd=$_POST["Password"];
echo $uname;
$query_str="SELECT * FROM login where username=鈥?uname鈥?and password=鈥?pwd鈥?";
$mysqli = new mysqli("127.0.0.1", "wjs", "20175306", "wjs");
$query_str1="use wjs;";
/* check connection */
if ($mysqli->connect_errno) {
printf("Connect failed: %s
", $mysqli->connect_error);
exit();
}
echo "connection ok!";
/* Select queries return a resultset */
if ($result = $mysqli->query($query_str1))
echo"<br>Success into database!";
echo$uname;
if ($result = $mysqli->query($query_str)) {
if ($result->num_rows > 0 ){
echo "<br> {$uname}:Welcome!!! <br> ";
}
else {
echo "<br> login failed!!!! <br> " ; }
/* free result set */
$result->close();
}
$mysqli->close();
?>
4銆佸湪娴忚鍣ㄤ腑杈撳叆127.0.0.1/login.php,杩炴帴鎴愬姛濡備笅鍥?
5銆佽緭鍏ョ敤鎴峰悕鍜屽瘑鐮佽繘琛岃璇侊紝鎴愬姛鐧婚檰濡備笅鍥炬墍绀猴細
6銆?杈撳叆涓€涓暟鎹簱涓牴鏈病鏈夌殑鐢ㄦ埛鍚嶅拰瀵嗙爜锛屾樉绀鸿繛鎺ユ暟鎹簱鎴愬姛锛屼絾鐧诲綍澶辫触
浠诲姟浜旓細鏈€绠€鍗曠殑SQL娉ㄥ叆锛孹SS鏀诲嚮娴嬭瘯
1銆丼QL娉ㄥ叆
SQL娉ㄥ叆锛屽氨鏄€氳繃鎶奡QL鍛戒护鎻掑叆鍒癢eb琛ㄥ崟鎻愪氦鎴栬緭鍏ュ煙鍚嶆垨椤甸潰璇锋眰鐨勬煡璇㈠瓧绗︿覆锛屾渶缁堣揪鍒版楠楁湇鍔″櫒鎵ц鎭舵剰鐨凷QL鍛戒护銆傚叿浣撴潵璇达紝瀹冩槸鍒╃敤鐜版湁搴旂敤绋嬪簭锛屽皢锛堟伓鎰忕殑锛塖QL鍛戒护娉ㄥ叆鍒板悗鍙版暟鎹簱寮曟搸鎵ц鐨勮兘鍔涳紝瀹冨彲浠ラ€氳繃鍦╓eb琛ㄥ崟涓緭鍏ワ紙鎭舵剰锛塖QL璇彞寰楀埌涓€涓瓨鍦ㄥ畨鍏ㄦ紡娲炵殑缃戠珯涓婄殑鏁版嵁搴擄紝鑰屼笉鏄寜鐓ц璁¤€呮剰鍥惧幓鎵цSQL璇彞銆?-
鍦ㄧ敤鎴峰悕杈撳叆妗嗚緭鍏モ€?or 1=1#锛屽瘑鐮佷换鎰忚緭鍏ワ細
-
杩欐槸鍥犱负锛岃緭鍏ョ殑鐢ㄦ埛鍚嶅拰鎴戜滑鐨勪唬鐮佷腑select璇彞缁勫悎璧锋潵鍙樻垚浜?code>select * from users where username=鈥樷€?or 1=1#鈥?and password=鈥樷€?/code>,#鐩稿綋浜庢敞閲婄锛屼細鎶婂悗闈㈢殑鍐呭閮芥敞閲婃帀锛岃€?em>1=1鏄案鐪熷紡锛屾墍浠ヨ繖涓潯浠舵案杩滄垚绔嬶紝鎵€浠ヤ笉绠″瘑鐮佹槸鍚﹁緭鍏ユ纭紝閮借兘澶熸垚鍔熺櫥闄嗐€?br> 2銆?XSS鏀诲嚮
璺ㄧ珯鑴氭湰鏀诲嚮(Cross Site Scripting)锛屼负涓嶅拰灞傚彔鏍峰紡琛?Cascading Style Sheets, CSS)鐨勭缉鍐欐贩娣嗐€傛晠灏嗚法绔欒剼鏈敾鍑荤缉鍐欎负XSS銆俋SS鏄竴绉嶇粡甯稿嚭鐜板湪web搴旂敤涓殑璁$畻鏈哄畨鍏ㄦ紡娲烇紝瀹冨厑璁告伓鎰弚eb鐢ㄦ埛灏嗕唬鐮佹鍏ュ埌鎻愪緵缁欏叾瀹冪敤鎴蜂娇鐢ㄧ殑椤甸潰涓€傛瘮濡傝繖浜涗唬鐮佸寘鎷琀TML浠g爜鍜屽鎴风鑴氭湰銆傛敾鍑昏€呭埄鐢╔SS婕忔礊鏃佽矾鎺夎闂帶鍒垛€斺€斾緥濡傚悓婧愮瓥鐣?same origin policy)銆傝繖绉嶇被鍨嬬殑婕忔礊鐢变簬琚獓瀹㈢敤鏉ョ紪鍐欏嵄瀹虫€ф洿澶х殑phishing鏀诲嚮鑰屽彉寰楀箍涓轰汉鐭ャ€?-
灏嗕竴寮犲浘鐗囨斁鍦?code>/var/www/html鐩綍涓嬶紝鍦ㄧ敤鎴峰悕杈撳叆妗嗚緭鍏?code><img src="鍥剧墖鍚嶇О" />锛屽瘑鐮侀殢鎰?br>
-
灏卞彲浠ヨ鍙栧浘鐗囧暒
涓夈€佸熀纭€闂鍥炵瓟
1銆佷粈涔堟槸琛ㄥ崟
- 琛ㄥ崟鍦ㄧ綉椤典腑涓昏璐熻矗鏁版嵁閲囬泦鍔熻兘銆備竴涓〃鍗曟湁涓変釜鍩烘湰缁勬垚閮ㄥ垎锛?/li>
- 琛ㄥ崟鏍囩锛氳繖閲岄潰鍖呭惈浜嗗鐞嗚〃鍗曟暟鎹墍鐢–GI绋嬪簭鐨刄RL浠ュ強鏁版嵁鎻愪氦鍒版湇鍔″櫒鐨勬柟娉曘€?/li>
- 琛ㄥ崟鍩燂細鍖呭惈浜嗘枃鏈銆佸瘑鐮佹銆侀殣钘忓煙銆佸琛屾枃鏈銆佸閫夋銆佸崟閫夋銆佷笅鎷夐€夋嫨妗嗗拰鏂囦欢涓婁紶妗嗙瓑銆?/li>
- 琛ㄥ崟鎸夐挳锛氬寘鎷彁浜ゆ寜閽€佸浣嶆寜閽拰涓€鑸寜閽紱鐢ㄤ簬灏嗘暟鎹紶閫佸埌鏈嶅姟鍣ㄤ笂鐨凜GI鑴氭湰鎴栬€呭彇娑堣緭鍏ワ紝杩樺彲浠ョ敤琛ㄥ崟鎸夐挳鏉ユ帶鍒跺叾浠栧畾涔変簡澶勭悊鑴氭湰鐨勫鐞嗗伐浣溿€?br> 2銆佹祻瑙堝櫒鍙互瑙f瀽杩愯浠€涔堣瑷€
- 鏀寔HTML锛堣秴鏂囨湰鏍囪璇█锛?/li>
- XML锛堝彲鎵╁睍鏍囪璇█锛?/li>
- Python
- PHP
- JavaScript
- ASP绛変紬澶氳剼鏈瑷€
3銆乄ebServer鏀寔鍝簺鍔ㄦ€佽瑷€ - 鏈€甯哥敤鐨勪笁绉嶅姩鎬佺綉椤佃瑷€鏈堿SP(ActiveServerPages),JSP(JavaServerPages),PHP(HypertextPreprocessor)銆?/li>
- ASP鍏ㄥ悕ActiveServerPages锛屾槸涓€涓猈EB鏈嶅姟鍣ㄧ鐨勫紑鍙戠幆澧冿紝鍒╃敤瀹冨彲浠ヤ骇鐢熷拰鎵ц鍔ㄦ€佺殑銆佷簰鍔ㄧ殑銆侀珮鎬ц兘鐨刉EB鏈嶅姟搴旂敤绋嬪簭銆侫SP閲囩敤鑴氭湰璇█VBScript锛圝avascript锛変綔涓鸿嚜宸辩殑寮€鍙戣瑷€銆?/li>
- JSP鏄疭un鍏徃鎺ㄥ嚭鐨勬柊涓€浠g綉绔欏紑鍙戣瑷€锛孲un鍏徃鍊熷姪鑷繁鍦↗ava涓婄殑涓嶅嚒閫犺锛屽皢Java浠嶫ava搴旂敤绋嬪簭鍜孞avaApplet涔嬪锛屽張鏈夋柊鐨勭鏋滐紝灏辨槸JSP锛孞avaServerPage銆侸SP鍙互鍦⊿erverlet鍜孞avaBean鐨勬敮鎸佷笅锛屽畬鎴愬姛鑳藉己澶х殑绔欑偣绋嬪簭銆?/li>
- PHP鏄竴绉嶈法骞冲彴鐨勬湇鍔″櫒绔殑宓屽叆寮忚剼鏈瑷€銆傚畠澶ч噺鍦板€熺敤C,Java鍜孭erl璇█鐨勮娉?骞惰€﹀悎PHP鑷繁鐨勭壒鎬?浣縒EB寮€鍙戣€呰兘澶熷揩閫熷湴鍐欏嚭鍔ㄦ€佷骇鐢熼〉闈€?/li>
- 涓夎€呴兘鎻愪緵鍦℉TML浠g爜涓贩鍚堟煇绉嶇▼搴忎唬鐮併€佺敱璇█寮曟搸瑙i噴鎵ц绋嬪簭浠g爜鐨勮兘鍔涖€備絾JSP浠g爜琚紪璇戞垚Servlet骞剁敱Java铏氭嫙鏈鸿В閲婃墽琛岋紝杩欑缂栬瘧鎿嶄綔浠呭湪瀵笿SP椤甸潰鐨勭涓€娆¤姹傛椂鍙戠敓銆傚湪ASP銆丳HP銆丣SP鐜涓嬶紝HTML浠g爜涓昏璐熻矗鎻忚堪淇℃伅鐨勬樉绀烘牱寮忥紝鑰岀▼搴忎唬鐮佸垯鐢ㄦ潵鎻忚堪澶勭悊閫昏緫銆傛櫘閫氱殑HTML椤甸潰鍙緷璧栦簬Web鏈嶅姟鍣紝鑰孉SP銆丳HP銆丣SP椤甸潰闇€瑕侀檮鍔犵殑璇█寮曟搸鍒嗘瀽鍜屾墽琛岀▼搴忎唬鐮併€傜▼搴忎唬鐮佺殑鎵ц缁撴灉琚噸鏂板祵鍏ュ埌HTML浠g爜涓紝鐒跺悗涓€璧峰彂閫佺粰娴忚鍣ㄣ€侫SP銆丳HP銆丣SP涓夎€呴兘鏄潰鍚慦eb鏈嶅姟鍣ㄧ殑鎶€鏈紝瀹㈡埛绔祻瑙堝櫒涓嶉渶瑕佷换浣曢檮鍔犵殑杞欢鏀寔銆?/li>
鍥涖€佸疄楠屾劅鎯筹細
鏈瀹為獙鐩稿鏉ヨ姣旇緝绠€鍗曪紝鐢ㄥ埌浜嗘暟鎹簱锛屼箣鍓嶅垬蹇佃€佸笀鐨勮涔熻杩囷紝鎵€浠ヨ鍙ユ瘮杈冪啛鎮夈€傚敮涓€瑕佹敞鎰忕殑灏辨槸瑕佽寰楁敼action閲岀殑鏁版嵁銆?/p>
以上是关于2019-2020-2 缃戠粶瀵规姉鎶€鏈?20175306鐜嬩匠鐑?Exp8 Web鍩虹的主要内容,如果未能解决你的问题,请参考以下文章
銆婅绠楁満缃戠粶绯诲垪銆嬧€斺€斾负浠€涔堥渶瑕佷簲灞傜綉缁滄ā鍨嬶紵