我在localhost中收到了验证码,但相同的代码服务器不起作用。我尝试运行我自己的服务器与chmod完全权限也在cookie.txt文件中给予完全权限。当我运行完美的localhost时。我认为,由于cookie.txt
,它不起作用<?php
header("Content-type: image/jpeg");
function open($url, $cookie = "")
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.2) Gecko/20070219 Firefox/2.0.0.2');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_COOKIE, 1);
if($cookie != ""){
curl_setopt($ch, CURLOPT_COOKIEJAR, realpath(dirname(__FILE__))."\cookie.txt");
}else{
curl_setopt($ch, CURLOPT_COOKIEFILE, realpath(dirname(__FILE__))."\cookie.txt");
}
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_REFERER, "http://www.xxxxxx.com/caller/");
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
open("http://www.xxxxxx.com/caller/", 1);
echo open("http://www.xxxxxx.com/security.php?id=".(floor(rand() * 1000) + 1), 0);
?>
你能帮帮我吗?
答案 0 :(得分:1)
这可能是一个安全问题。想象一下,攻击者可以更改您的php文件并接管您的应用程序。这就是为什么Apache服务器在用户www-data下运行的原因,用户无法访问除只读之外的文件。这同样适用于目录。
if($cookie != "") {
curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/some_better_name_cookie.txt");
} else {
curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/some_better_name_cookie.txt");
}