I have a hellish problem that I can't figure out for the life of me. I set up a super simple CMS for a client. Every page of the CMS includes a file called session.php:
    <?php
    // session.php, included at the top of every CMS page
    session_start();
    $username = $_SESSION['siteadmin'];
    if (!$_SESSION['siteadmin']) {
        // Sends the redirect header, but the script keeps running after it
        header('Location: login.php?status=2');
    }
Every once in a while, random things disappear from the database. So I set up a primitive logging system that records every action taken through the CMS. Well, it happened again. The log shows:
Logged in **.**.237.209 17:18 <-- that's me
Deleted board member id 12 195.42.102.25 16:49
Deleted board member id 15 195.42.102.25 16:49
Deleted board member id 8 195.42.102.25 16:49
Deleted board member id 10 195.42.102.25 16:49
Deleted board member id 9 195.42.102.25 16:49
Deleted board member id 4 195.42.102.25 16:49
Deleted board member id 3 195.42.102.25 16:49
Deleted board member id 5 195.42.102.25 16:49
Deleted board member id 6 195.42.102.25 16:49
Deleted board member id 11 195.42.102.25 16:49
Deleted board member id 7 195.42.102.25 16:49
Deleted review id 2 195.42.102.25 16:49
Deleted review id 3 195.42.102.25 16:49
This goes on for several pages. It doesn't even show 195.42.102.25 logging in! Last time it happened from 195.128.18.19. How are they loading the page without the session variable being set? Is there a security hole in my code that I'm completely overlooking?!
Any insight into this would be great.
Thanks,
Answer 0 (score: 8):
Put exit after header().
Answer 1 (score: 3):
Actually, put an exit or die after the header.
It's very easy not to follow the header redirect and get whatever ends up executing after it.
There's an interesting (and more complete) post on The Daily WTF about this problem that I can't find at the moment.
Edit: found it! :) http://thedailywtf.com/Articles/WellIntentioned-Destruction.aspx
Answer 2 (score: 0):
Consider adding session_regenerate_id() after session_start. This will prevent session cookie theft (if you use the above function, the PHPSESSID in the cookie is regenerated on every page load), which may be what is happening (in addition to the exit problem in the answer above).
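As an added example (not part of the original question or answers), here is a small Python check over the question's log format that flags data-changing entries from an address with no login at or before them, which is exactly the pattern in the excerpt above. The sample lines are constructed to match that excerpt, and the script assumes the format "<action> <ip> <HH:MM>" with all entries from a single day.

```python
import re
from dataclasses import dataclass

# Constructed sample in the question's log format: "<action> <ip> <HH:MM>".
# IPs and times mirror the excerpt in the question; "**" octets are the poster's redaction.
SAMPLE_LOG = """\
Logged in **.**.237.209 17:18 <-- that's me
Deleted board member id 12 195.42.102.25 16:49
Deleted board member id 15 195.42.102.25 16:49
Deleted review id 2 195.42.102.25 16:49
Deleted review id 3 195.42.102.25 16:49
"""

LINE_RE = re.compile(r"^(?P<action>.+?)\s+(?P<ip>\S+)\s+(?P<h>\d{1,2}):(?P<m>\d{2})$")

@dataclass
class Entry:
    action: str
    ip: str
    minute: int  # minutes since midnight; the log is assumed to cover a single day

def parse_log(text):
    entries = []
    for line in text.splitlines():
        line = line.split("<--")[0].strip()  # drop hand-written annotations
        m = LINE_RE.match(line)
        if m:  # skip blank or malformed lines
            entries.append(Entry(m["action"], m["ip"], int(m["h"]) * 60 + int(m["m"])))
    return entries

def unauthenticated_actions(entries):
    """Entries that modify data from an IP with no 'Logged in' entry at or before them.

    A run of deletions from an IP that never logged in points at the auth check in
    session.php falling through (header() without exit), not at a stolen password."""
    first_login = {}  # ip -> earliest login minute
    for e in entries:
        if e.action.startswith("Logged in"):
            first_login[e.ip] = min(e.minute, first_login.get(e.ip, e.minute))
    return [e for e in entries
            if not e.action.startswith("Logged in")
            and first_login.get(e.ip, e.minute + 1) > e.minute]

if __name__ == "__main__":
    for e in unauthenticated_actions(parse_log(SAMPLE_LOG)):
        print(f"{e.ip} {e.action}: no login from this address before the action")
```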