不灭的火

革命尚未成功,同志仍须努力下载JDK17

$_SERVER["SCRIPT_NAME"]、$_SERVER["PHP_SELF"]、$_SERVER["QUERY_STRING"]、$_SERVER["REQUEST_URI"]
作者:AlbertWen  添加时间:2012-05-11 22:12:44  修改时间:2025-05-22 19:25:34  分类:11.PHP基础  编辑

1、$_SERVER["SCRIPT_NAME"]

说明:包含当前脚本的路径

2、$_SERVER["PHP_SELF"]

说明:当前正在执行脚本的文件名

3、$_SERVER["QUERY_STRING"]

说明:查询(query)的字符串

4、$_SERVER["REQUEST_URI"]

说明:访问此页面所需的URI

实例:

1.http://blog.snsgou.com/ (直接打开主页)

结果:

1
2
3
4
$_SERVER["SCRIPT_NAME"] = "/index.php"
$_SERVER["PHP_SELF"]     = "/index.php"
$_SERVER["QUERY_STRING"] = ""
$_SERVER["REQUEST_URI"] = "/"

2.http://blog.snsgou.com/?p=222 (附带查询)

结果:

1
2
3
4
$_SERVER["SCRIPT_NAME"] = "/index.php"
$_SERVER["PHP_SELF"]     = "/index.php"
$_SERVER["QUERY_STRING"] = "p=222"
$_SERVER["REQUEST_URI"] = "/?p=222"

3.http://blog.snsgou.com/index.php?p=222&q=biuuu

结果:

1
2
3
4
$_SERVER["SCRIPT_NAME"] = "/index.php"
$_SERVER["PHP_SELF"]     = "/index.php"
$_SERVER["QUERY_STRING"] = "p=222&q=biuuu"
$_SERVER["REQUEST_URI"] = "/index.php?p=222&q=biuuu"

4.http://blog.snsgou.com/123/123.php/abc/def?id=222&name=jack

1
2
3
4
$_SERVER["SCRIPT_NAME"] = "/123/123.php"
$_SERVER["PHP_SELF"]     = "/123/123.php/abc/def"
$_SERVER["QUERY_STRING"] = "id=222&name=jack"
$_SERVER["REQUEST_URI"] = "/123/123.php/abc/def?id=222&name=jack"

5.http://blog.snsgou.com/123/123.php/abc/def.bat?id=222&name=jack

1
2
3
4
$_SERVER["SCRIPT_NAME"] = "/123/123.php"
$_SERVER["PHP_SELF"]     = "/123/123.php/abc/def.bat"
$_SERVER["QUERY_STRING"] = "id=222&name=jack"
$_SERVER["REQUEST_URI"] = "/123/123.php/abc/def.bat?id=222&name=jack"

 

  • $_SERVER["SCRIPT_NAME"]  获取当前脚本的路径,如:index.php
  • $_SERVER["PHP_SELF"]  当前正在执行脚本的文件名
  • $_SERVER["QUERY_STRING"]  获取查询语句,实例中可知,获取的是?后面的值
  • $_SERVER["REQUEST_URI"]  获取http://blog.snsgou.com后面的值,包括/

总结一下,对于SCRIPT_NAME、PHP_SELF、QUERY_STRING、REQUEST_URI,深入了解将有利于我们 在$_SERVER函数中正确调用这四个值。

一般地: $_SERVER["REQUEST_URI"] = $_SERVER["PHP_SELF"] . '?' . $_SERVER["QUERY_STRING"]

 

注意:当有地址重写时,情况有些变化,如:

/class 重写到 /index.php?app=class&mod=Index&act=index

此时:

$_SERVER['PHP_SELF'] 值等于 /index.php
$_SERVER['QUERY_STRING'] 值等于 /index.php?app=class&mod=Index&act=index
$_SERVER["REQUEST_URI"] 值等于 /class

 

uchome系统中处理技巧:

1
2
3
4
5
6
7
8
9
10
11
//处理REQUEST_URI
if (!isset($_SERVER['REQUEST_URI'])) {
    $_SERVER['REQUEST_URI'] = $_SERVER['PHP_SELF'];
    if (isset($_SERVER['QUERY_STRING'])) $_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING'];
}
if ($_SERVER['REQUEST_URI']) {
    $temp = urldecode($_SERVER['REQUEST_URI']);
    if (strexists($temp, '<') || strexists($temp, '"')) {
        $_GET = shtmlspecialchars($_GET); // XSS
    }
}

 

 

 

延伸阅读:

PHP获取当前页面的URL

PHP获取当前域名$_SERVER['HTTP_HOST']和$_SERVER['SERVER_NAME']的区别

PHP的$_SERVER['PHP_SELF']造成的XSS漏洞攻击及其解决方案

 

Copyright © 2012-2035 不灭的火 版权所有 粤ICP备17073848号