解析php下载远程图片函数可伪造来路_php技巧
内容导读
互联网集市收集整理的这篇技术教程文章主要介绍了解析php下载远程图片函数可伪造来路_php技巧,小编现在分享给大家,供广大互联网技能从业者学习和参考。文章包含4717字,纯文字阅读大概需要7分钟。
内容图文
![解析php下载远程图片函数可伪造来路_php技巧](/upload/InfoBanner/zyjiaocheng/262/063283edc9894a7e93703b5c92a87169.jpg)
$rfurl 来路。如果目标图像做了防盗链设置,可以绕过。
$filename 下载图片保存的文件名,相对路径,不要用realpath
$gcookie 调整cookie 伪造的cookie
$JumpCount 跳转计数
$maxtime 最大次数
调用方法:DownImageKeep(“http://www.baidu.com/img/baidu_jgylogo2.gif”,”http://baidu.com”,”a.gif”,”",0,10);
代码如下:
function DownImageKeep($gurl, $rfurl, $filename, $gcookie="", $JumpCount=0, $maxtime=30)
{
$urlinfos = GetHostInfo($gurl);
$ghost = trim($urlinfos['host']);
if($ghost=='')
{
return FALSE;
}
$gquery = $urlinfos['query'];
if($gcookie=="" && !empty($rfurl))
{
$gcookie = RefurlCookie($rfurl);
}
$sessionQuery = "GET $gquery HTTP/1.1\r\n";
$sessionQuery .= "Host: $ghost\r\n";
$sessionQuery .= "Referer: $rfurl\r\n";
$sessionQuery .= "Accept: */*\r\n";
$sessionQuery .= "User-Agent: Mozilla/4.0 (compatible; MSIE 5.00; Windows 98)\r\n";
if($gcookie!="" && !preg_match("/[\r\n]/", $gcookie))
{
$sessionQuery .= $gcookie."\r\n";
}
$sessionQuery .= "Connection: Keep-Alive\r\n\r\n";
$errno = "";
$errstr = "";
$m_fp = fsockopen($ghost, 80, $errno, $errstr,10);
fwrite($m_fp,$sessionQuery);
$lnum = 0;
//获取详细应答头
$m_httphead = Array();
$httpstas = explode(" ",fgets($m_fp,256));
$m_httphead["http-edition"] = trim($httpstas[0]);
$m_httphead["http-state"] = trim($httpstas[1]);
while(!feof($m_fp))
{
$line = trim(fgets($m_fp,256));
if($line == "" || $lnum>100)
{
break;
}
$hkey = "";
$hvalue = "";
$v = 0;
for($i=0; $i
if($v==1)
{
$hvalue .= $line[$i];
}
if($line[$i]==":")
{
$v = 1;
}
if($v==0)
{
$hkey .= $line[$i];
}
}
$hkey = trim($hkey);
if($hkey!="")
{
$m_httphead[strtolower($hkey)] = trim($hvalue);
}
}
//分析返回记录
if(preg_match("/^3/", $m_httphead["http-state"]))
{
if(isset($m_httphead["location"]) && $JumpCount<3)
{
$JumpCount++;
DownImageKeep($gurl,$rfurl,$filename,$gcookie,$JumpCount);
}
else
{
return FALSE;
}
}
if(!preg_match("/^2/", $m_httphead["http-state"]))
{
return FALSE;
}
if(!isset($m_httphead))
{
return FALSE;
}
$contentLength = $m_httphead['content-length'];
//保存文件
$fp = fopen($filename,"w") or die("写入文件:{$filename} 失败!");
$i=0;
$okdata = "";
$starttime = time();
while(!feof($m_fp))
{
$okdata .= fgetc($m_fp);
$i++;
//超时结束
if(time()-$starttime>$maxtime)
{
break;
}
//到达指定大小结束
if($i >= $contentLength)
{
break;
}
}
if($okdata!="")
{
fwrite($fp,$okdata);
}
fclose($fp);
if($okdata=="")
{
@unlink($filename);
fclose($m_fp);
return FALSE;
}
fclose($m_fp);
return TRUE;
}
/**
* 获得某页面返回的Cookie信息
*
* @access public
* @param string $gurl 调整地址
* @return string
*/
function RefurlCookie($gurl)
{
global $gcookie,$lastRfurl;
$gurl = trim($gurl);
if(!empty($gcookie) && $lastRfurl==$gurl)
{
return $gcookie;
}
else
{
$lastRfurl=$gurl;
}
if(trim($gurl)=='')
{
return '';
}
$urlinfos = GetHostInfo($gurl);
$ghost = $urlinfos['host'];
$gquery = $urlinfos['query'];
$sessionQuery = "GET $gquery HTTP/1.1\r\n";
$sessionQuery .= "Host: $ghost\r\n";
$sessionQuery .= "Accept: */*\r\n";
$sessionQuery .= "User-Agent: Mozilla/4.0 (compatible; MSIE 5.00; Windows 98)\r\n";
$sessionQuery .= "Connection: Close\r\n\r\n";
$errno = "";
$errstr = "";
$m_fp = fsockopen($ghost, 80, $errno, $errstr,10) or die($ghost.'
');
fwrite($m_fp,$sessionQuery);
$lnum = 0;
//获取详细应答头
$gcookie = "";
while(!feof($m_fp))
{
$line = trim(fgets($m_fp,256));
if($line == "" || $lnum>100)
{
break;
}
else
{
if(preg_match("/^cookie/i", $line))
{
$gcookie = $line;
break;
}
}
}
fclose($m_fp);
return $gcookie;
}
/**
* 获得网址的host和query部份
*
* @access public
* @param string $gurl 调整地址
* @return string
*/
function GetHostInfo($gurl)
{
$gurl = preg_replace("/^http:\/\//i", "", trim($gurl));
$garr['host'] = preg_replace("/\/(.*)$/i", "", $gurl);
$garr['query'] = "/".preg_replace("/^([^\/]*)\//i", "", $gurl);
return $garr;
}
?>
内容总结
以上是互联网集市为您收集整理的解析php下载远程图片函数可伪造来路_php技巧全部内容,希望文章能够帮你解决解析php下载远程图片函数可伪造来路_php技巧所遇到的程序开发问题。 如果觉得互联网集市技术教程内容还不错,欢迎将互联网集市网站推荐给程序员好友。
内容备注
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 gblab@vip.qq.com 举报,一经查实,本站将立刻删除。
内容手机端
扫描二维码推送至手机访问。