PHP overview:
PHP default extension: .php
file can contain: HTML, JavaScript, PHP code
PHP full name: Hypertext Preprocessor (Hypertext Preprocessor)
PHP is a widely open source scripting language, used for web development, executed on the server
The basic composition of PHP language:
Script scope: <?php ?>
Notes: #, // ,/* */
Two important languages of PHP: echo, print
<?php
$a='Welcome';
$b=' to my blog';
echo 'echo语句:'.$a,$b.'<br />';
//echo 可以用逗号隔开字符串变量元素
//而print 不可以用逗号隔开,否则会报错
print 'print 函数:'.$a.$b.'<br />';
echo '打印print函数并返回1:'.print $a.$b.'<br />';
?> //echo先执行print语句,而print最后返回1Display results:
Tips: The
echo statement outputs multiple no return values at a time, while the print function can only output one but has a return value
Serial connection:. (Point)
and call it with a custom function
<?php
function mytext(){
$a='Welcome';
$b='to my blog';
$c='to php world';
//echo 可以用逗号隔开字符串变量元素
//而print 不可以用逗号隔开,否则会报错
echo '$a$b:'.$a,$b.'<br />';
echo '$a$c:'.$a,$c.'<br />';
}
//执行函数如下:
echo 'function 函数执行结果:</br>';
mytext();//调用
?>Execution results:
Tips:
PHP variables are case-sensitive
Common PHP functions
PHP can be understood as
basic grammar + statement + variable + function, for example:
<html>
<body>
<!--当请求用GET时,welcome.php要使用$_GET[]-->
<form action="welcome.php" method="post">
姓名:<input type="text" name="name"><br>
邮箱:<input type="text" name="email"><br>
<input type="submit">
</form>
</body>
</html><html>
<body>
<!--当请求用GET时,welcome.php要使用$_GET[]-->
<?php echo $_POST["name"]; ?>, 欢迎您! |<br>
您的邮箱地址是:<?php echo $_POST["email"]; ?>
//这里的$_POST[]调用了上一页面的数据(接受传值)
</body>
</html>Execution result:
Obviously, the first page to jump to welcome.php after submission, and the command requested by $ _POST [] can execute the data of the previous page (accept value transfer)
Note: In addition to $ _GET [], $ _POST [] can accept the pass value, there is also $ _REQUEST [], the difference between GET and POST is to display the data in the URL, REQUEST can accept these two types of data. At the same time, one thing is that REQUEST is accessed by inputting variables on the web page. POST can use some tools similar to the Chinese Ant Sword. It is a C / S architecture, which will be encountered again in the future file upload vulnerability.
Upload file:
upload file vulnerability is involved in upload file.
$ _FILES variable is used here
<form action="" method="post"
enctype="multipart/form-date">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br/>
<input type="submit" name="sumbit" value="Submit"/>
</form>
<?php
if(isset($_REQUEST["sumbit"])){
if($_FILES["file"]["error"]>0)
{
echo "Return Code:".$_FLIES["file"]["error"]."<br />";
}
else{
echo "Upload:".$_FILES["file"]["name"]."<br />";
echo "Type:".$_FILES["file"]["type"]."<br />";
echo "Size:".($_FILES["file"]["size"]/1024)."Kb<br />";
echo "Temp file:".$_FILES["file"]["tmp_name"]."<br />";
if(!file_exists("upload")){mkdir("upload");}
if(file_exists("upload/".$_FILES["file"]["name"]))
{
echo $_FILES["file"]["name"]."already exists.";
}
else{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/".$_FILES["file"]["name"]);
echo "Stored in :"."upload/".$_FILES["file"]["name"];
}
}}
?>Operation result:
There are some commonly used system variables in PHP:
$ _ SERVER (you can get information about the server), $ _GLOBALS, $ _ENV
$ _REQUEST, $ _COOKIE, $ _SESSION
TIPS:
include / require: include file (include 'file name' directly in php)
include: warning, script continues
require: error, script stops
connecting two files through include, and then opens the data of two files on one page
