利用php的http_referer函数来判断用户的来路,这是比较简单的,实例代码如下:
复制代码 代码如下:
<?php
if (isset($_SERVER['HTTP_REFERER'])) {
print "The page you were on previously was {$_SERVER['HTTP_REFERER']}<br />";
} else {
print "You didn't click any links to get here<br />";
}
?>
<a href="https://www.jb51.net/refer.php">Click me!</a>
下面是我们让用户不知道我们的来路处理,实例代码如下:
复制代码 代码如下:
<?php
$host = "www.jb51.net";
$referer = "http://".$host;
$fp = fsockopen ($host, 80, $errno, $errstr, 30);
if (!$fp){
echo "$errstr ($errno)<br>;n";
}else{
$request = "
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */"."*
Referer: $host
Accept-Language: zh-cn
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Host: $host
Connection: Close"
."rnrn";
fputs ($fp, "$request");
while (!feof($fp))
{
$res[] = fgets($fp,1024);
}
$html = join("",$res);
fclose ($fp);
$fp = file_put_contents("123cha.html",$html);
echo "done";
}
这不就行了?
不过很奇怪的是, 的页面抓下来是乱码(除了http头),这是为什么?难道是因为用了gzip之类压缩?
复制代码 代码如下:
<?php
$host = "www.jb51.net";
$html = file_get_contents("http://".$host);
$fp = file_put_contents("hao123.html",$html);
echo "done";
?>;
但这样抓的就没问题,再来分析开始抓的http头:
HTTP/1.1 200 OK Date: Wed, 31 Aug 2005 00:59:36 GMT Server: Apache/1.3.27 Cache-Control: max-age=1296000 Expires: Thu, 15 Sep 2005 00:59:36 GMT Last-Modified: Mon, 29 Aug 2005 13:56:00 GMT Accept-Ranges: bytes Connection: close Content-Type: text/html Content-Encoding: gzip Content-Length: 14567
果然有这句,Content-Encoding:gzip ,原来压缩了的,长度14567字节了,用第二种方法抓,原来没压缩的html是71143字节,原来file_get_contents还可以自动解压缩.
php实例二,代码如下:
复制代码 代码如下:
<?php
$host = '127.0.0.1';
$target = '/2.php';
$referer = 'https://www.jb51.net'; //伪造HTTP_REFERER地址
$fp = fsockopen($host, 80, $errno, $errstr, 30);
if (!$fp){
echo "$errstr($errno)<br />n";
}
else{
$out = "
GET $target HTTP/1.1
Host: $host
Referer: $referer
Connection: Closernrn";
fwrite($fp, $out);
while (!feof($fp)){
echo fgets($fp, 1024);
}
fclose($fp);
}
?>
另一个2.php文件很简单,只是写上一行读取当前的HTTP_REFERER服务器值的代码即可,如下:
复制代码 代码如下:
<?php
echo "<hr />";
echo $_SERVER["HTTP_REFERER"];
?>