dongxuan1660 2014-11-11 19:05 采纳率: 100%
浏览 12
已采纳

php在输入无效网址后将用户移至404页面

I'm designing a website but I know if the user enters a wrong character into my url, a not found page will open for him . and I know it can be a way to hack my website. What should I do for that? for example if the user enters a ' into my url like this:

http://example.com/article.php?id=585'

He move to a not found page which I have designed it or move to the first page or the last page he was in. Thanks.

  • 写回答

3条回答 默认 最新

  • duanfei9278 2014-11-11 19:20
    关注

    You have to take 2 things into consideration:

    1. Handling non-existent files
    2. Handling non-existent article ids

    Here's how to handle each case:

    1) Create an .htaccess file and place it in your website root folder:

    RewriteEngine on
    ErrorDocument 404 /error.php # change this to your own 404 file path
    

    2) Open the articles.php file and add this to the top (right after checking if your ID exists)

    if(!valid_id($id)) {
        //if you have php 5.3- use this
        header('HTTP/1.1 404 Not Found');
    
        //if you have php 5.4+ use this
        //http_response_code(404);
    
        include('error.php'); //change this path to your own 404 file
        die();
    }
    

    Obviously, valid_id() is just a function example.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥30 Hyper-v虚拟机相关问题,求解答。
  • ¥15 TSM320F2808PZA芯片 Bootloader
  • ¥45 谷歌浏览器出现开发者工具无法显示已创建的,但您可以调试已部署的代码。 状态代码 404, net::ERR HTTP RESPONSE CODE FAILURE
  • ¥15 chatgpt网页版侧边栏和模型切换点击没反应怎么办
  • ¥15 如何解决蓝牙通话音频突发失真问题
  • ¥15 安装opengauss数据库报错
  • ¥15 【急】在线问答CNC雕刻机的电子电路与编程
  • ¥60 在mc68335芯片上移植ucos ii 的成功工程文件
  • ¥15 笔记本外接显示器正常,但是笔记本屏幕黑屏
  • ¥15 Python pandas