dongzong3053 2013-02-26 12:10
浏览 32
已采纳

“HTTP_HOST”未正确评估?

I use php scripts when there are errors (like 400,404,403,etc), to email me and advise of what is being attempted.

I noticed on a 400 error, the 'from' and 'to' didn't contain my domain name, but another domain name. This is some of the code I use ..

PHP Code:

$http_host = $_SERVER["HTTP_HOST"]; 
$http_host = str_replace("www.", "", $http_host); 
$from = "From: webmaster@" . $http_host . "
"; 
$to = "From: webmaster@" . $http_host . "
";

The var $http_host had the other domain name there. Fortunately, the email bounced back, so I became aware of the problem. Here is the web access logs entry

94.102.51.246 - - [23/Feb/2013:16:17:49 +1100] "GET http://24x7-allrequestsallowed.com/?...RWJWS_FA%40FQN HTTP/1.1" 400 2815 "-" "Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0"

It seems $_SERVER["HTTP_HOST"] was evaluated to '24x7-allrequestsallowed.com'

I'm mystified how this was parsed as a URL, but more uneasy that $_SERVER["HTTP_HOST"] wasn't set to the 'proper' domain name.

  • 写回答

1条回答 默认 最新

  • dseigqk7443 2013-02-26 12:14
    关注

    Change:

     $http_host = $_SERVER["HTTP_HOST"]; 
 $http_host = str_replace("www.", "", $http_host);

    ...to...

     $http_host = $_SERVER["SERVER_NAME"]; 
 $http_host = str_replace("www.", "", $http_host);

    Will return "The name of the server host under which the current script is executing. If the script is running on a virtual host, this will be the value defined for that virtual host."

    Source: http://php.net/manual/en/reserved.variables.server.php

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 想问一下树莓派接上显示屏后出现如图所示画面,是什么问题导致的
  • ¥100 嵌入式系统基于PIC16F882和热敏电阻的数字温度计
  • ¥15 cmd cl 0x000007b
  • ¥20 BAPI_PR_CHANGE how to add account assignment information for service line
  • ¥500 火焰左右视图、视差(基于双目相机)
  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号