我设计了一个代码,该代码遍历每一行,并使用字符串的位置提取特定的字符串。但是我不希望它采用硬编码的方式。如何在我的代码中使用键值对。就我而言,文件模式是固定的。例如:
X-Powered-By: PHP/5.6.35
Content-Length: 17
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
在此“ X-Powered-By”中是键,而“ PHP / 5.6.35”是值。
<pre><?php
$array = array();
$val = array();
//$vals = array();
$fh = fopen("website-audit.2018.08.30.log","r");
$started = false;
while (!feof($fh)) {
$line = fgets($fh);
if($started) {
$temp .= $line;
if(strpos($line, "--") === 0 && strpos($line, "-Z-") > 0) {
$started = false;
$array[] = $temp;
}
}
if(strpos($line, "--") === 0 && strpos($line, "-A-") > 0) {
$started = true;
$temp = $line;
}
}
fclose($fh);
$keyword = 'POST';
foreach($array as $index){
if (strpos($index, $keyword) !== FALSE){
$val[] = $index;
}
}
var_dump($val);
for ($i = 0; $i < count($val); ++$i) {
$words = preg_split ('/$\R?^/m', $val[$i]);
$X_REQUESTED_WITH = explode(' ',trim($words[9]));
$X_REQUESTED_WITH = $X_REQUESTED_WITH[1] . PHP_EOL;
$RESPONSE_CODE = explode(' ',trim($words[22]));
$RESPONSE_CODE = $RESPONSE_CODE[1] . PHP_EOL;
echo $X_REQUESTED_WITH;
echo $RESPONSE_CODE;
}
?>
此代码的输出:
array(2) {
[0]=>
string(898) "--84670001-A--
[31/Aug/2018:13:41:25 +0200] W4fX5YHC0Xb8YDuIqk5YOwAAAD8 127.0.0.1 55065 127.0.0.1 80
--84670001-B--
POST /FormValidation/validation.php HTTP/1.1
Host: localhost
Connection: keep-alive
Content-Length: 33
Accept: */*
Origin: http://localhost
X-Requested-With: XMLHttpRequest
cookie: authscheme=abc;authMarket=abfg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost/FormValidation/page1.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
tanuser: 00198343
env: dev
--84670001-C--
name1=test&email1=ssn%40gmail.com
--84670000-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/5.6.35
Content-Length: 17
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
--84670001-Z--
"
[1]=>
string(897) "--84670002-A--
[31/Aug/2018:13:41:25 +0200] W4fX5YHC0Xb8YDuIqk5YOwAAAD8 127.0.0.1 55065 127.0.0.1 80
--84670002-B--
POST /FormValidation/validation.php HTTP/1.1
Host: localhost
Connection: keep-alive
Content-Length: 33
Accept: */*
Origin: http://localhost
X-Requested-With: XMLHttpRequest
cookie: authscheme=abc;authMarket=abfg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost/FormValidation/page1.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
tanuser: 00198343
env: dev
--84670002-C--
name1=test&email1=ssn%40gmail.com
--84670002-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/5.6.35
Content-Length: 17
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
--84670002-Z--"
}
XMLHttpRequest
200
XMLHttpRequest
200
这是我的文件:-
--49160000-A--
[30/Aug/2018:13:41:19 +0200] W4fX34HC0Xb8YDuIqk5YOgAAAD4 127.0.0.1 55064 127.0.0.1 80
--49160000-B--
GET /FormValidation/page1.php HTTP/1.1
Host: localhost
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://localhost/FormValidation/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
tanuser: 00198343
--49160000-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/5.6.35
Content-Length: 851
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
--49160000-Z--
--84670001-A--
[31/Aug/2018:13:41:25 +0200] W4fX5YHC0Xb8YDuIqk5YOwAAAD8 127.0.0.1 55065 127.0.0.1 80
--84670001-B--
POST /FormValidation/validation.php HTTP/1.1
Host: localhost
Connection: keep-alive
Content-Length: 33
Accept: */*
Origin: http://localhost
X-Requested-With: XMLHttpRequest
cookie: authscheme=abc;authMarket=abfg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost/FormValidation/page1.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
tanuser: 00198343
env: dev
--84670001-C--
name1=test&email1=ssn%40gmail.com
--84670000-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/5.6.35
Content-Length: 17
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
--84670001-Z--
答案 0 :(得分:1)
您可以适当地更改当前代码,以使其能够根据需要解析文件。
给出文件website-audit.2018.08.30.log,其中包含以下内容:
--84670001-A--
[31/Aug/2018:13:41:25 +0200] W4fX5YHC0Xb8YDuIqk5YOwAAAD8 127.0.0.1 55065 127.0.0.1 80
--84670001-B--
POST /FormValidation/validation.php HTTP/1.1
Host: localhost
Connection: keep-alive
Content-Length: 33
Accept: */*
Origin: http://localhost
X-Requested-With: XMLHttpRequest
cookie: authscheme=abc;authMarket=abfg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost/FormValidation/page1.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
tanuser: 00198343
env: dev
--84670001-C--
name1=test&email1=ssn%40gmail.com
--84670000-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/5.6.35
Content-Length: 17
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
--84670001-Z--
--84670002-A--
[31/Aug/2018:13:41:25 +0200] W4fX5YHC0Xb8YDuIqk5YOwAAAD8 127.0.0.1 55065 127.0.0.1 80
--84670002-B--
POST /FormValidation/validation.php HTTP/1.1
Host: localhost
Connection: keep-alive
Content-Length: 33
Accept: */*
Origin: http://localhost
X-Requested-With: XMLHttpRequest
cookie: authscheme=abc;authMarket=abfg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost/FormValidation/page1.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
tanuser: 00198343
env: dev
--84670002-C--
name1=test&email1=ssn%40gmail.com
--84670002-F--
HTTP/1.1 200 OK
X-Powered-By: PHP/5.6.35
Content-Length: 17
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
--84670002-Z--
这是您可以构建的解析器示例:
$fh = fopen("website-audit.2018.08.30.log","r");
$array = array();
$started = false;
while (!feof($fh)) {
$line = trim(fgets($fh));
if($started) {
if(!ctype_space($line)&&!empty($line)&&!preg_match('#-$#',$line)){
if(strpos($line,'POST')===0){
$data=array_map('trim',str_getcsv($line,' ',''));
$temp['POST']=array_slice($data,1,2);
}
else{
if(isset($A)){
$data=array_map('trim',str_getcsv($line,' ',''));
$data[0].=$data[1];
unset($data[1]);
$temp['Stamp']=array_values($data);
unset($A);
}else{
$data=array_map('trim',str_getcsv($line,':',''));
if(isset($data[1])){
if($data[0]=='Keep-Alive'){
$d=explode(',',$data[1]);
$d[0]=array_map('trim',explode('=',$d[0]));
$d[1]=array_map('trim',explode('=',$d[1]));
$temp[$data[0]]=[$d[0][0]=>$d[0][1],$d[1][0]=>$d[1][1]];
}else{
$temp[$data[0]]=$data[1];
}
}elseif(strpos($data[0],'HTTP')===0){
$data=explode(' ',$data[0]);
$temp['HTTP']=array_combine(['version','status','message'],$data);
}else{
$temp['Query_string']=$data[0];
}
}
}
}
if(strpos($line, "--") === 0 && strpos($line, "-Z-") > 0) {
$started = false;
$array[$tmp] = $temp;
$temp=[];
$tmp++;
}
}
if(strpos($line, "--") === 0 && strpos($line, "-A-") > 0) {
$A=true;
$started = true;
$tmp=trim($line);
$temp=[];
}
}
fclose($fh);
//from there $array contains as needed Pair of key=>$value for each request then you can use
foreach($array as $k=>$value){
var_dump($value['X-Requested-With']);
var_dump($value['HTTP']['status']);
}
要输出:
string(14) "XMLHttpRequest"
string(3) "200"
string(14) "XMLHttpRequest"
string(3) "200"
变量$ array的全部内容为:
Array
(
[--84670001-A--] => Array
(
[Stamp] => Array
(
[0] => [31/Aug/2018:13:41:25+0200]
[1] => W4fX5YHC0Xb8YDuIqk5YOwAAAD8
[2] => 127.0.0.1
[3] => 55065
[4] => 127.0.0.1
[5] => 80
)
[POST] => Array
(
[0] => /FormValidation/validation.php
[1] => HTTP/1.1
)
[Host] => localhost
[Connection] => Keep-Alive
[Content-Length] => 17
[Accept] => */*
[Origin] => http
[X-Requested-With] => XMLHttpRequest
[cookie] => authscheme=abc;authMarket=abfg
[User-Agent] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
[Content-Type] => text/html; charset=UTF-8
[Referer] => http
[Accept-Encoding] => gzip, deflate, br
[Accept-Language] => en-US,en;q=0.9
[tanuser] => 00198343
[env] => dev
[Query_string] => name1=test&email1=ssn%40gmail.com
[HTTP] => Array
(
[version] => HTTP/1.1
[status] => 200
[message] => OK
)
[X-Powered-By] => PHP/5.6.35
[Keep-Alive] => Array
(
[timeout] => 5
[max] => 100
)
)
[--84670002-A--] => Array
(
[Stamp] => Array
(
[0] => [31/Aug/2018:13:41:25+0200]
[1] => W4fX5YHC0Xb8YDuIqk5YOwAAAD8
[2] => 127.0.0.1
[3] => 55065
[4] => 127.0.0.1
[5] => 80
)
[POST] => Array
(
[0] => /FormValidation/validation.php
[1] => HTTP/1.1
)
[Host] => localhost
[Connection] => Keep-Alive
[Content-Length] => 17
[Accept] => */*
[Origin] => http
[X-Requested-With] => XMLHttpRequest
[cookie] => authscheme=abc;authMarket=abfg
[User-Agent] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
[Content-Type] => text/html; charset=UTF-8
[Referer] => http
[Accept-Encoding] => gzip, deflate, br
[Accept-Language] => en-US,en;q=0.9
[tanuser] => 00198343
[env] => dev
[Query_string] => name1=test&email1=ssn%40gmail.com
[HTTP] => Array
(
[version] => HTTP/1.1
[status] => 200
[message] => OK
)
[X-Powered-By] => PHP/5.6.35
[Keep-Alive] => Array
(
[timeout] => 5
[max] => 100
)
)
)
因此,如您所见,它确实很简单,而且效果很好。 然后,如果文件的内容有所变化,那么您只需添加一个条件
示例:对于您当前的文件
$fh = fopen("website-audit.2018.08.30.log","r");
$array = array();
$started = false;
while (!feof($fh)) {
$line = trim(fgets($fh));
if($started) {
if(!ctype_space($line)&&!empty($line)&&!preg_match('#-$#',$line)){
if(strpos($line,'POST')===0){
$data=array_map('trim',str_getcsv($line,' ',''));
$temp['POST']=array_slice($data,1,2);
}
elseif(strpos($line,'GET')===0){
$data=array_map('trim',str_getcsv($line,' ',''));
$temp['GET']=array_slice($data,1,2);
}
else{
if(isset($A)){
$data=array_map('trim',str_getcsv($line,' ',''));
$data[0].=$data[1];
unset($data[1]);
$temp['Stamp']=array_values($data);
unset($A);
}else{
$data=array_map('trim',str_getcsv($line,':',''));
if(isset($data[1])){
if($data[0]=='Keep-Alive'){
$d=explode(',',$data[1]);
$d[0]=array_map('trim',explode('=',$d[0]));
$d[1]=array_map('trim',explode('=',$d[1]));
$temp[$data[0]]=[$d[0][0]=>$d[0][1],$d[1][0]=>$d[1][1]];
}else{
$temp[$data[0]]=$data[1];
}
}elseif(strpos($data[0],'HTTP')===0){
$data=explode(' ',$data[0]);
$temp['HTTP']=array_combine(['version','status','message'],$data);
}else{
$temp['Query_string']=$data[0];
}
}
}
}
if(strpos($line, "--") === 0 && strpos($line, "-Z-") > 0) {
$started = false;
$array[$tmp] = $temp;
$temp=[];
$tmp++;
}
}
if(strpos($line, "--") === 0 && strpos($line, "-A-") > 0) {
$A=true;
$started = true;
$tmp=trim($line);
$temp=[];
}
}
fclose($fh);
print_r($array);
输出为:
Array
(
[--49160000-A--] => Array
(
[Stamp] => Array
(
[0] => [30/Aug/2018:13:41:19+0200]
[1] => W4fX34HC0Xb8YDuIqk5YOgAAAD4
[2] => 127.0.0.1
[3] => 55064
[4] => 127.0.0.1
[5] => 80
)
[GET] => Array
(
[0] => /FormValidation/page1.php
[1] => HTTP/1.1
)
[Host] => localhost
[Connection] => Keep-Alive
[Upgrade-Insecure-Requests] => 1
[User-Agent] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
[Accept] => text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
[Referer] => http
[Accept-Encoding] => gzip, deflate, br
[Accept-Language] => en-US,en;q=0.9
[tanuser] => 00198343
[HTTP] => Array
(
[version] => HTTP/1.1
[status] => 200
[message] => OK
)
[X-Powered-By] => PHP/5.6.35
[Content-Length] => 851
[Keep-Alive] => Array
(
[timeout] => 5
[max] => 99
)
[Content-Type] => text/html; charset=UTF-8
)
[--84670001-A--] => Array
(
[Stamp] => Array
(
[0] => [31/Aug/2018:13:41:25+0200]
[1] => W4fX5YHC0Xb8YDuIqk5YOwAAAD8
[2] => 127.0.0.1
[3] => 55065
[4] => 127.0.0.1
[5] => 80
)
[POST] => Array
(
[0] => /FormValidation/validation.php
[1] => HTTP/1.1
)
[Host] => localhost
[Connection] => Keep-Alive
[Content-Length] => 17
[Accept] => */*
[Origin] => http
[X-Requested-With] => XMLHttpRequest
[cookie] => authscheme=abc;authMarket=abfg
[User-Agent] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
[Content-Type] => text/html; charset=UTF-8
[Referer] => http
[Accept-Encoding] => gzip, deflate, br
[Accept-Language] => en-US,en;q=0.9
[tanuser] => 00198343
[env] => dev
[Query_string] => name1=test&email1=ssn%40gmail.com
[HTTP] => Array
(
[version] => HTTP/1.1
[status] => 200
[message] => OK
)
[X-Powered-By] => PHP/5.6.35
[Keep-Alive] => Array
(
[timeout] => 5
[max] => 100
)
)
)
因此,如果您只需要GET请求,则在循环中检查当前元素的索引GET是否存在: 例如:
foreach($array as $k=>$value){
if(isset($value["POST"])){
var_dump($value['X-Requested-With']);
var_dump($value['HTTP']['status']);
}elseif(isset($value["GET"])){
var_dump($value['tanuser']);
var_dump($value['HTTP']['status']);
}
}
输出为:
string(8) "00198343"
string(3) "200"
string(14) "XMLHttpRequest"
string(3) "200"
答案 1 :(得分:0)
如果每次输入都是标头响应,则可以使用getallheaders(),它将返回当前请求中所有HTTP标头的关联数组
<?php
foreach (getallheaders() as $name => $value) {
echo "$name: $value\n";
}
答案 2 :(得分:0)
您可以使用这种方法通过key获取特定的标头值。示例:
echo getallheaders()['Accept-Encoding'];
echo getallheaders()['X-Powered-By'];