douzhe3516
2018-06-12 04:53
浏览 261
已采纳

在Yii2中使用$ _SERVER ['SERVER_NAME']检测环境是否正确

if ($_SERVER['SERVER_NAME'] == 'localhost' || $_SERVER['SERVER_NAME'] == '127.0.0.1') 
{
    defined('YII_DEBUG') or define('YII_DEBUG', true);
    defined('YII_ENV') or define('YII_ENV', 'dev');
}

require __DIR__ . '/../../vendor/autoload.php';
require __DIR__ . '/../../vendor/yiisoft/yii2/Yii.php';
require __DIR__ . '/../../common/config/bootstrap.php';
require __DIR__ . '/../config/bootstrap.php';

if(YII_ENV == 'prod')
{
    $config = yii\helpers\ArrayHelper::merge(
        require __DIR__ . '/../../common/config/main.php',
        require __DIR__ . '/../config/main.php'
    );
}
else
{
    $config = yii\helpers\ArrayHelper::merge(
       require __DIR__ . '/../../common/config/main.php',
       require __DIR__ . '/../../common/config/main-local.php',
       require __DIR__ . '/../config/main.php',
       require __DIR__ . '/../config/main-local.php'
   );
}

I am trying to use multiple environments but don't what to change all the time in files so I use if condition in my index.php file and its working but I don't know it is the right way or not.

图片转代码服务由CSDN问答提供 功能建议

  if($ _SERVER ['SERVER_NAME'] =='localhost'|| $ _SERVER ['SERVER_NAME  '] =='127.0.0.1')
 {
 defined('YII_DEBUG')或define('YII_DEBUG',true); 
 defined('YII_ENV')或define('YII_ENV','dev')  ; 
} 
 
需要__DIR__。  '/../../vendor/autoload.php'; 
nrequire __DIR__。  '/../../vendor/yiisoft/yii2/Yii.php';
require __DIR__。  '/../../common/config/bootstrap.php'; 
nrequire __DIR__。  '/../config/bootstrap.php';
nnif(YII_ENV =='prod')
 {
 $ config = yii \ helpers \ ArrayHelper :: merge(
需要__DIR__。'/ ..  /../common/config/main.php',nn需要__DIR __。'/。/ config / main.php'
); 
} 
else 
 {
 $ config = yii \ helpers \  ArrayHelper :: merge(
需要__DIR__。'/../../common / config / main.php',
要求__DIR__。'/。/。/ common / config / main-local.php'  ,
需要__DIR __。'/。/ config / main.php',
要求__DIR __。'/。/ config / main-local.php'
}; 
} 
  <  / pre> 
 
 

我正在尝试使用多个环境,但不要在文件中一直更改,所以我在 index.php 文件中使用if条件及其工作 但我不知道这是正确的方式。

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • doucanrui1735 2018-06-12 07:39
    已采纳

    No, it is not. And this is a potential security issue - $_SERVER['SERVER_NAME'] can be spoofed, so someone may access your remote production server using localhost as a host name. If you're not validating host name at webserver level, then he will see your website in debug mode. From $_SERVER['SERVER_NAME'] docs:

    Note: Under Apache 2, you must set UseCanonicalName = On and ServerName. Otherwise, this value reflects the hostname supplied by the client, which can be spoofed. It is not safe to rely on this value in security-dependent contexts.


    You should probably keep environment-specific settings/constants in separate file outside of version control. For example in config/environment-local.php. And setup it manually on every instance. You may also use Composer hooks to copy default content of this file - I implemented something like that in my template. Then require this file on the top of your index.php file instead of your condition:

    require __DIR__ . '/../config/environmen-local.php';
    
    require __DIR__ . '/../../vendor/autoload.php';
    require __DIR__ . '/../../vendor/yiisoft/yii2/Yii.php';
    require __DIR__ . '/../../common/config/bootstrap.php';
    require __DIR__ . '/../config/bootstrap.php';
    
    // rest of bootstrap
    
    已采纳该答案
    打赏 评论

相关推荐 更多相似问题