我试过多次检查,仍然给我这个错误。实际上我正在尝试创建一个包含$ output内容的php文件。
<?php
include 'dbconfig.php';
$rand = $_GET['rand'];
$filename = $rand.".php";
$output = "<?php";
$output .="include '../dbconfig.php';";
$output .="$myself = basename(__FILE__, '.php'); ";
$output .="$query = mysqli_query($dbconfig,\"Select command from records where token = '$myself'\");";
$output .="if(mysqli_num_rows($query) > 0)";
$output .="{";
$output .="while($row=$query->fetch_assoc())";
$output .="{";
$output .="$command = $row[command];";
$output .="}";
$output .="echo 'exec $command endexec';";
$output .="}";
$output .="?>";
$file = fopen("puppet\$filename","w");
fwrite($file,$putput);
$check = "Select * from records where usertoken = $rand";
$check1 = mysqli_query($dbconfig,$check);
if(mysqli_num_rows($check1)== 0){
$ins = "Insert into records (usertoken)Values('$rand')";
if(mysqli_query($dbconfig,$ins)){
$success=true;
}
}else{
$success=false;
}
?>
答案 0 :(得分:1)
我要继续'猜测'这实际上是php在尝试使用双引号解析字符串时所做的事情。它将在运行时评估字符串中的变量和内容。
尝试单引号字符串......
<?php
include 'dbconfig.php';
$rand = $_GET['rand'];
$filename = $rand.'.php';
$output = '<?php';
$output .='include \'../dbconfig.php\';';
$output .='$myself = basename(__FILE__, \'.php\'); ';
$output .='$query = mysqli_query($dbconfig, "Select command from records where token = \'$myself\'");';
$output .='if(mysqli_num_rows($query) > 0)';
$output .='{';
$output .='while($row=$query->fetch_assoc())';
$output .='{';
$output .='$command = $row[command];';
$output .='}';
$output .='echo \'exec $command endexec\';';
$output .='}';
$output .='?>';
$file = fopen("puppet\$filename","w");
fwrite($file,$output);
$check = "Select * from records where usertoken = $rand";
$check1 = mysqli_query($dbconfig,$check);
if(mysqli_num_rows($check1)== 0){
$ins = "Insert into records (usertoken)Values('$rand')";
if(mysqli_query($dbconfig,$ins)){
$success=true;
}
}else{
$success=false;
}
?>