社团技术部测试题目

August 11, 2021 · 默认分类 · 46次阅读

1.请尽可能的为下面的代码添加注释

<?php 
    function filter_dangerous_words($str){
        $str = str_replace("'", "‘", $str);
        $str = str_replace("\"", "“", $str);
        $str = str_replace("<", "《", $str);
        $str = str_replace(">", "》", $str);
        return $str;
    }
    function getIP() {
        if (getenv('HTTP_CLIENT_IP')) {
        $ip = getenv('HTTP_CLIENT_IP');
        }
        elseif (getenv('HTTP_X_FORWARDED_FOR')) {
        $ip = getenv('HTTP_X_FORWARDED_FOR');
        }
        elseif (getenv('HTTP_X_FORWARDED')) {
        $ip = getenv('HTTP_X_FORWARDED');
        }
        elseif (getenv('HTTP_FORWARDED_FOR')) {
        $ip = getenv('HTTP_FORWARDED_FOR');
 
        }
        elseif (getenv('HTTP_FORWARDED')) {
        $ip = getenv('HTTP_FORWARDED');
        }
        else {
        $ip = $_SERVER['REMOTE_ADDR'];
        }
        return $ip;
    }
 
    $ip = getIP();
    @$referer = $_SERVER['HTTP_REFERER']."\r\n";
    $ua = $_SERVER['HTTP_USER_AGENT']."\r\n\r\n";
    date_default_timezone_set("Asia/Shanghai");
    $date_ = date("Y.m.d,h:i:sa")."\r\n";
 
    $loc = $_GET['uid']."\r\n";
    $hack = 'time: '.$date_.'IP:'.$ip."\r\n".'referer: '.$referer.'loc:'.$loc.'Useragent: '.$ua;
    $hack = filter_dangerous_words($hack);
    $txt = filter_dangerous_words($_GET['id']);
    $op = fopen($txt.'.txt','a+'); 

    fwrite($op,$hack);
    fclose($op);
 

    $im = imagecreatefromjpeg("1.jpg");
    header('Content-Type: image/jpeg');
    imagejpeg($im);
    imagedestroy($im);
 ?>

2.请说明以下变量数据类型

a1 = 123
a2 = '123'
a3 = 123.0
a4 = 1.23E3
a5 = (1,2,3)
a6 = {'a'='1','b'='2','c'='3'}
a7 = new Class

3.请列举你所知道的http请求方式

4.请将下面这串url的协议,域名,路径,参数分离出来

https://www.to1y5.com/admin/write.php?cid=309

5.xss漏洞分哪几种

6.以下哪个漏洞与另外两个非同源

A.CVE-2017-0146
B.CVE-2020-0796
C.CVE-2017-10271

7.请选出选项中与另外三项不同的一项

A.MYSQL
B.ACCESS
C.Office
D.MSSQL

8.____是弱类型语言,____是强类型语言,____是面向过程语言,___是面向对象语言

none

最后编辑于19天前