PHP - Ensure a GET request comes from a specific domain

Time: 2018-02-09 10:13:11

Tags: php

I am getting an image link from an HTML GET request like this...

www.example.com?image=www.anotherdomain.com/image.jpg

if (isset($_GET['image'])) {
    echo $_GET['image'];
}

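How can I make sure the image URL that is passed in comes from www.anotherdomain.com?

Should I parse the URL and check it?

3 answers:

Answer 0: (score: 3)

You should use the parse_url function: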

<?php
if (isset($_GET['image'])) {
    // Extract only the host component of the submitted URL
    $hostname = parse_url($_GET['image'], PHP_URL_HOST);
    if ($hostname == "anotherdomain.com") {
        echo $_GET['image'];
    }
}
?>

Answer 1: (score: 2)

You call parse_url with the second parameter set to PHP_URL_HOST:

<?php

$image = $_GET['image'];
$host = parse_url($image, PHP_URL_HOST);
if ($host !== 'abc.xyz') {
    # error
    return;
}

# your logic

Manual: http://php.net/manual/en/function.parse-url.php

P.S. Make sure to check that $_GET['image'] exists to avoid a notice.
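
A stricter form of the parse_url check from the answers above, added here as an example and not code from any of the posts. The allow-list ALLOWED_HOSTS, the helper name allowedImageUrl and the sample URLs are assumptions made for illustration; note that the URL in the question has no scheme, so parse_url reports no host for it at all.

```php
<?php
// Added example: strict host allow-listing for a user-supplied image URL.
// ALLOWED_HOSTS and allowedImageUrl() are hypothetical names for this sketch.
const ALLOWED_HOSTS = ['www.anotherdomain.com', 'anotherdomain.com'];

function allowedImageUrl(string $raw): ?string
{
    // Reject whitespace, control characters and backslashes, which URL
    // parsers and browsers do not interpret consistently.
    if (preg_match('/[\x00-\x20\x7f\\\\]/', $raw)) {
        return null;
    }
    $parts = parse_url($raw);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null; // "www.anotherdomain.com/image.jpg" has no host part
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null; // only http and https are accepted
    }
    if (isset($parts['user']) || isset($parts['pass']) || isset($parts['port'])) {
        return null; // no userinfo ("allowed-host@other-host") and no custom ports
    }
    // Exact, case-insensitive match; never a prefix or substring comparison.
    $host = rtrim(strtolower($parts['host']), '.');
    return in_array($host, ALLOWED_HOSTS, true) ? $raw : null;
}

// Constructed sample inputs.
$samples = [
    'https://www.anotherdomain.com/image.jpg',         // accepted
    'HTTPS://WWW.ANOTHERDOMAIN.COM/image.jpg',         // accepted, case-insensitive
    'www.anotherdomain.com/image.jpg',                 // rejected: no scheme, no host
    'https://www.anotherdomain.com.example.net/a.jpg', // rejected: look-alike suffix
    'https://www.anotherdomain.com@example.net/a.jpg', // rejected: userinfo, other host
    'ftp://www.anotherdomain.com/image.jpg',           // rejected: scheme
];
foreach ($samples as $s) {
    $ok = allowedImageUrl($s);
    // Escape on output: an allowed host does not make the path or query safe HTML.
    echo htmlspecialchars($s, ENT_QUOTES, 'UTF-8'), ' => ',
         $ok === null ? 'rejected' : 'accepted', PHP_EOL;
}
```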

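Answer 2: (score: 0)

Well, if the images always come from the same site, you can look at the first part of the URL, and if it matches the URL you want, use it; otherwise don't use it.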
