PHP weak type learning
Main line
https://www.cnblogs.com/Mrsm1th/p/6745532.html
https://www.freebuf.com/articles/web/129607.html
These two blogs are very detailed, the following is the first blog in the learning process The content of the search is
recommended to read the first reserved question and then read the second one before reviewing
The following is the content searched during the learning process:
1.$_GET variable
2.ctype_alpha
3.md5() function
4.json_decode function
5.intval() function
6.array_search function
7.strcmp() vulnerability
1.$_GET variable
https://www.runoob.com/php/php-get.html
also proves that the get parameter is passed through the URL and is not very secure.
We can add:? Content to submit get parameters
2.ctype_alpha
https://www.php.net/manual/zh/function.ctype-alpha.php
If each character in the string is a letter, then it returns TRUE, otherwise it returns FALSE
3.md5() function
https://www.w3school.com.cn/php/func_string_md5.asp
Adjust the encryption method according to true and flase (for strings),
which can be bypassed by the characteristics of weak types
4.json_decode function
Attach the explanation of key, value,=> and ->:
Array(0=>1,1=>2,2=>3,3=>4)
Then the left side of the equal sign is the subscript of the array, also called the index. It is called a key, and the arrow points to the value of the array.
->: https://blog.csdn.net/qq_38275944/article/details/75576963
-> is the member access symbol => is the assignment symbol of the array
(object-oriented reference)
json needs to learn js and object-oriented (super It’s up!)
Learn abstract first, don’t mess around
5.intval() function
https://www.php.net/intval
for base decoding
6.array_search function
https://www.w3school.com.cn/php/func_array_search.asp
7.strcmp() vulnerability
https://blog.csdn.net/cherrie007/article/details/77473817
for low version of php