Tag:thinkphp
-
Explain the auth authentication of ThinkPHP in detail
RBAC is authenticated by node. It is a little difficult to control permissions finer than nodes, such as the operation button on the page. I want to judge the user permission to display this button. If there is no permission, this button will not be displayed; For another example, I want to conduct authority authentication […]
-
How to use casbin as the permission control middleware of ThinkPHP
catalogue summary install middleware Caspin model configuration verification summary PHP casbin is a powerful and efficient open source access control framework, which supports permission management based on various access control models. Think casbin is an extension package of casbin customized for thinkphp5.1, which makes it easier for developers to use casbin in ThinkPHP projects. install […]
-
How to view ThinkPHP historical vulnerabilities from the perspective of protection
catalogue ThinkPHP rce vulnerability and scanning traffic Vulnerability principle review ThinkPHP vulnerability network wide scanning summary ThinkPHP rce vulnerability and scanning traffic Vulnerability principle review 5.0. X version vulnerability The principle is that the key class for ThinkPHP to process requests is request (thinkphp/library/think/request.php), which can implement some settings for HTTP requests ThinkPHP supports configuring […]
-
Token security verification of API interface between Android client and PHP server
Android client: 1. Write an algorithm to generate token /** *Generate token of API interface * @param map * @param apikey * @return */ public static String createToken(Map<String, String> map,String apikey){ StringBuffer sb=new StringBuffer(); for (String value : map.values()) { sb.append(md5(value)); } SimpleDateFormat format=new SimpleDateFormat(“yyyy-MM-dd 00:00:00”); String time=format.format(new Date()); //Token generation rule: MD5 (interface key […]
-
thinkphp5. Installation and preliminary use of 1
because5.1The download version is no longer available on the official website, so download thinkphp5 The version after 1 will be usedComposerperhapsgitInstall and update as. Generally, it is convenient to install composer. Composer is a tool used by PHP to manage dependencies. You can declare the dependent external libraries in your own project. Composer will help […]
-
ThinkPHP adds seven cattle upload function
First, you need to download the PHP version SDK of qiniu:https://developer.qiniu.com/sdk#official-sdk Rename the file qiniu, then move it to the extend directory, and then you can use it directly. <? /** *Seven cattle file upload processing */ require_ once ‘../ extend/Qiniu/autoload. php’; // Import seven cattle file use think\Db; use Qiniu\Auth;// Introduction of seven cattle […]
-
Actual record of ThinkPHP bypassing disabled functions in a project
catalogue preface file_put_contents pcntl_exec LD_ Preload hijacking summary preface In a penetration test, I searched manually for a long time and found nothing. I opened Xray with the mood of trying Sure enough, Xray still awesome. When opening the webpage, Xray directly scanned ThinkPHP 5.0.. 10 rce vulnerability Directly use the command to execute payload, […]
-
ThinkPHP implementation method of parameter verification similar to AOP idea
Explanation of ideas: no matter when developing APIs or doing background projects, the back end should never trust the parameters transmitted by the front end. What it usually needs to do is to verify the legitimacy and security of the parameters. So how to easily verify the parameters in the actual project development. TP provides […]
-
Thinkph p5.1 verification code and implementation of verification function of verification code
Note: since thinkphp5.1 does not have its own verification code, you need to install the think captcha extension package through composer to realize the verification code 1、 Install composer https://www.jb51.net/article/178346.htm 2、 Install the think captcha expansion pack through composer Open the command window, enter vendor / topthink and enter the command. You can also install […]
-
Thinkphp5 + jQuery + Mysql realize voting function
Thinkphp5 + jQuery + MySQL realizes the voting function. First show you the effect picture. If you feel the effect is good, please refer to the example code. design sketch: Front end code: <!DOCTYPE HTML> <html> <head> <meta charset=”utf-8″> < title > realize the red and blue voting function based on thinkphp5 < / Title […]
-
Analysis of picture / file upload function realized by ThinkPHP framework + layui
This article describes the picture / file upload function realized by ThinkPHP framework + layui. Share with you for your reference, as follows: It is used in the project and found ready-made code on the Internet. It is an excuse for abnormal or illegal upload, so it will be shared with you after some exploration. […]
-
ThinkPHP 3.2 framework view model instance view query result two dimensional array merge operation example
This paper describes the two-dimensional array merging operation of ThinkPHP 3.2 framework view model instance view query results. The details are as follows: This is the result of using the view model query array(6) { [0] => array(5) { [“pictitle”] = > string (7) “title 2” [“piccategroy”] = > string (6) “poster” [“picauthor”] = > […]