2014年4月4日
jquery解析xml
//live方法用来向未来添加的元素添加事件jQuery.get()--> Read More
posted @ 2014-04-04 17:26 wint Views(126) Comments(0) Diggs(0)
使用xpath搜索元素
xpath.htmljQuery.get()xpath.phpxpath('//book/name'); $response.=''; foreach($book as $item){ $response.=''; $response.=$item[0].'('.$item['year'].')'; } $response.=''; break; case 'total': $stories=$objxml->xpath('//story'); Read More
posted @ 2014-04-04 17:26 wint Views(235) Comments(0) Diggs(0)
在表单中动态添加输入字段
获得服务端的值,将name="sites[]" 添加到现有的文本框,则可以通过$_POST['sites]访问数组Insert title hereWebsites yo visit dialyName Read More
posted @ 2014-04-04 17:26 wint Views(470) Comments(0) Diggs(0)
jquery操作json
1.Insert title hereSelect a date to view Travel Details 2.json.php'delhi3','destination'=>'london','passengers'=>array(array('name'=>'mr eee','type'=>'audit','age'=>34),array('name'=>'mr eee22', Read More
posted @ 2014-04-04 17:26 wint Views(143) Comments(0) Diggs(0)
为所有表单元素自动创建查询字符串
1jquery的serialize()方法用于将表单的所有元素转换为查询字符串格式,若希望以ajax请求的一部分发送则应该使用该方法2serailizeArray();将所有元素转换为javascript对象。3.button,file元素不发送4.必须指定namejQuery.get()Email:Sex:MaleFemalCountry:newsletter:Send me more information Read More
posted @ 2014-04-04 17:25 wint Views(120) Comments(0) Diggs(0)
使用jquery从php获取数据
index.htmljQuery.get()Show list of:data.php'; for($i=0;$i'.$names[$i].''; } $strResult.=''; return $strResult;} Read More
posted @ 2014-04-04 17:25 wint Views(922) Comments(0) Diggs(0)
ajax 错误处理 $.ajax({url:"",data:"",success:function(){},method:'get',error:function()}{}});
jQuery.get()Enter file name to load:.ajaxError()Categories:Ajax>Global Ajax Event Handlers.ajaxError( handler(event, jqXHR, ajaxSettings, thrownError) )Returns:jQueryDescription:Register a handler to be called when Ajax requests complete with an error. This is anAjax Event.version added:1.0.ajaxE Read More
posted @ 2014-04-04 17:25 wint Views(1805) Comments(0) Diggs(0)
创建空页面并按区域加载
jQuery.get()My new awesome page下斜方肌皮瓣和肩胛背动脉皮瓣在头颈重建中的应用(extended lower trapezius myocutaneous flap,ELTMF)或肩胛背动脉皮瓣(dorsal scapular artery flap,DSAF)。ELTMF...Show footerfooter.htmlLinkLinkLinkLinkLink Read More
posted @ 2014-04-04 17:25 wint Views(108) Comments(0) Diggs(0)
取消上次的ajax请求 ajax.abort();原理所有ajax方法都会返回一个XMLHttpRequest对象
ajaxabort.htmljQuery.get()Show list of:ajaxabort.php'; for($i=0;$i'.$names[$i].''; } $strResult.=''; return $strResult;} Read More
posted @ 2014-04-04 17:25 wint Views(708) Comments(0) Diggs(0)
向php发送数据
jQuery.get()Emial:Name:SexMaleFemaleCountry: Read More
posted @ 2014-04-04 17:25 wint Views(112) Comments(0) Diggs(0)
xml访问元素和属性
jQuery.get()process.phpbook as $book){ if($book['index']==$bookId){if($action=='year'){ $strResponse='This book was published in year:'.$book->name['year']; }else if($action=='stories'){ $stories=$book->story; $strResponse=''; foreach($stories as Read More
posted @ 2014-04-04 17:25 wint Views(146) Comments(0) Diggs(0)
使用SimpleXML从文件和字符串加载xml
1.common.xmlThe Adventrue os A scandal in bohminaYou see,ddddbb1cc1asfafA scandal in bohminaYou see,ddddbb1cc1The Advenasfrue os A scandal in bohminaYou see,ddddbb1cc12.xml.phpmessage.''; }}else{ foreach ($objxml as $book){ echo $book->name; }} Read More
posted @ 2014-04-04 17:25 wint Views(151) Comments(0) Diggs(0)
PHP Security Guide: Overview
PHP Security Guide: OverviewTable of ContentsForm ProcessingWhat Is Security?Security is a measurement, not a characteristic.It is unfortunate that many software projects list security as a simple requirement to be met. Is it secure? This question is as subjective as asking if something is hot.Secur Read More
posted @ 2014-04-04 17:24 wint Views(167) Comments(0) Diggs(0)
PHP Security Guide: Shared Hosts
PHP Security Guide: Shared HostsSessionsAboutExposed Session DataWhen on a shared host, security simply isn't going to be as strong as when on a dedicated host. This is one of the tradeoffs for the inexpensive fee.One particularly vulnerable aspect of shared hosting is having a shared session st Read More
posted @ 2014-04-04 17:24 wint Views(149) Comments(0) Diggs(0)
PHP Security Guide: Sessions
PHP Security Guide: SessionsDatabases and SQLShared HostsSession FixationSession security is a sophisticated topic, and it's no surprise that sessions are a frequent target of attack. Most session attacks involve impersonation, where the attacker attempts to gain access to another user's ses Read More
posted @ 2014-04-04 17:24 wint Views(158) Comments(0) Diggs(0)
PHP Security Guide: Databases and SQL
PHP Security Guide: Databases and SQLForm ProcessingSessionsExposed Access CredentialsMost PHP applications interact with a database. This usually involves connecting to a database server and using access credentials to authenticate:This could be an example of a file calleddb.incthat is included whe Read More
posted @ 2014-04-04 17:24 wint Views(115) Comments(0) Diggs(0)
Using PEAR's Text_CAPTCHA to Secure Web Forms
Using PEAR'sText_CAPTCHAto Secure Web Formsby Marcus WhitneyWhen you have public forms on the web, you are always prone to attacks by those who want to use your application for their own purposes. Forums, polls, guestbooks, and blogs are some of the popular places where automated robots can be f Read More
posted @ 2014-04-04 17:24 wint Views(149) Comments(0) Diggs(0)
Password Hashing
Password Hashingby James McGlinnIn this article I'm going to cover password hashing, a subject which is often poorly understood by newer developers. Recently I've been asked to look at several web applications which all had the same security issue - user profiles stored in a database with pl Read More
posted @ 2014-04-04 17:24 wint Views(209) Comments(0) Diggs(0)
memcache add命令不覆盖原有数据
Memcache::add(PECL memcache >= 0.2.0)Memcache::add — Add an item to the serverDescriptionboolMemcache::add( string$key,mixed$var[, int$flag[, int$expire]] )Memcache::add()stores variablevarwithkeyonly if such key doesn't exist at the server yet. Also you can usememcache_add()function.Paramete Read More
posted @ 2014-04-04 17:24 wint Views(249) Comments(0) Diggs(0)
php中检测ajax请求,该方法是不安全的,http_x_requested_with是jquery自己加上的
checkajax.htmljQuery.get()checkajax.phpHello world!");});亲自试一试定义和用法after() 方法在被选元素后插入指定的内容。语法 Read More
posted @ 2014-04-04 17:24 wint Views(256) Comments(0) Diggs(0)
总结ThinkPHP使用技巧经验分享(三)
add方法返回主键(id)的值在往数据表中添加数据时调用add方法,默认返回值就是刚添加的id值,就不用再去查询了.save方法返回值的判断在修改数据时,如果修改成功返回的是被修改的记录数0,1,2,3......注意:以下几种情况返回 false,所以判断更新失败应使用 if(false === $this->save())(1)更新的数据为空(2)_before_update()方法返回false(3)没有任何更新条件(没有定义where()里的条件,或者保存的数据里没有主键的值)查询后置方法详解如_after_select,_after_insert,_after_update,_ Read More
posted @ 2014-04-04 17:23 wint Views(103) Comments(0) Diggs(0)
总结ThinkPHP使用技巧经验分享(四)
ThinkPHP的CURD易忽视点小结1、不定义方法,直接渲染模板。对于没有任何实际逻辑的操作方法,我们只需要直接定义对应的模板文件就行了,比如表单页面,这个页面一般不会有变量向模板中输出,所以,我们没有必要再去写一个对应的空方法然后$this->display()了。2、简介create方法。假设我们实例化的模型为$model,那么ThinkPHP可以直接通过$model->add()的方式向数据库中添加数据,那么如果我们在$model->add()之前调用$model->create()方法,这样有什么意义呢?create()方法的意义只有一个“确保写入数据库的数据 Read More
posted @ 2014-04-04 17:23 wint Views(118) Comments(0) Diggs(0)
Windows PHP 加速器 WinCache
Windows PHP 加速器WinCache分享到新浪微博腾讯微博已用+1收藏+21微软新推出了配合FastCGI模式使用的WinCache扩展,这是一个可以显著增加PHP应用在Windows环境下使用速度的PHP加速器。所有的PHP应用都能够利用这个扩展所提供的加速功能而不需要修改任何代码。所有需要做的就是将这个扩展激活并被PHP引擎读取。与eAccelerator正好相反的是WinCache要求使用NTS(非线程安全)版本的PHP,因此更适合与FastCGI配合使用。WinCache扩展包括了三种不同种类的缓存使用,下面将要分别介绍这三种缓存和他们所能提供的便利。•PHP操作码缓存PHP Read More
posted @ 2014-04-04 17:23 wint Views(385) Comments(0) Diggs(0)
HTTP 的重定向301,302,303,307(转)
HTTP的重定向301,302,303,307(转)(2012-12-11 11:55:04)转载▼标签:杂谈分类:网络301 永久重定向,告诉客户端以后应从新地址访问.302 作为HTTP1.0的标准,以前叫做Moved Temporarily ,现在叫Found. 现在使用只是为了兼容性的处理,包括PHP的默认Location重定向用的也是302.但是HTTP 1.1 有303 和307作为详细的补充,其实是对302的细化303:对于POST请求,它表示请求已经被处理,客户端可以接着使用GET方法去请求Location里的URI。307:对于POST请求,表示请求还没有被处理,客户端应该向 Read More
posted @ 2014-04-04 17:23 wint Views(168) Comments(0) Diggs(0)
include()与include '';的区别
requirerequire_onceControl StructuresPHP Manualinclude()Theinclude()statement includes and evaluates the specified file.The documentation below also applies torequire().Files are included based on the file path given or, if none is given, theinclude_pathspecified. Theinclude()construct will emit awa Read More
posted @ 2014-04-04 17:23 wint Views(618) Comments(0) Diggs(0)
PHP命名空间
对于命名空间,官方文档已经说得很详细[查看],我在这里做了一下实践和总结。命名空间一个最明确的目的就是解决重名问题,PHP中不允许两个函数或者类出现相同的名字,否则会产生一个致命的错误。这种情况下只要避免命名重复就可以解决,最常见的一种做法是约定一个前缀。例:项目中有两个模块:article和message board,它们各自有一个处理用户留言的类Comment。之后我可能想要增加对所有用户留言的一些信息统计功能,比如说我想得到所有留言的数量。这时候调用它们Comment提供的方法是很好的做法,但是同时引入各自的Comment类显然是不行的,代码会出错,在另一个地方重写任何一个Comment Read More
posted @ 2014-04-04 17:23 wint Views(109) Comments(0) Diggs(0)
PHP Security Guide: Form Processing
PHP Security Guide: Form ProcessingOverviewDatabases and SQLSpoofed Form SubmissionsIn order to appreciate the necessity of data filtering, consider the following form located (hypothetically speaking) athttp://example.org/form.html:Imagine a potential attacker who saves this HTML and modifies it as Read More
posted @ 2014-04-04 17:23 wint Views(102) Comments(0) Diggs(0)
unicode转码中文
functionunescape($str){$str= rawurldecode($str);preg_match_all("/&#(d+);/U",$str,$r);$arr=$r[1];$cstr=array();foreach($arras$number){$cstr[] = iconv("UCS-2","GBK",pack("n",$number));}returnjoin("",$cstr);}unescape(’醉爱’); Read More
posted @ 2014-04-04 17:23 wint Views(119) Comments(0) Diggs(0)
php变量作用域
php变量作用域摘自:http://www.qianyunlai.com.com/blog/220.htmlPHP 中的每个变量都有一个针对它的作用域,它是指可以在其中访问变量(从而访问它的值)的一个领域。对于初学者来说,变量的作用域是它们所驻留的页面。因此,如果你定义了 $var,页面余下部分就可以访问 $var,但是,其它页面一般不能访问它(除非使用特殊的变量)。 因为包含文件像它们是原始(包含)脚本的一部分那样工作,所以在 include() 那一行之前定义的变量可供包含文件使用。此外,包含文件内定义的变量可供 include() 那一行之后的父(包含)脚本使用。 当使用你自己定义的.. Read More
posted @ 2014-04-04 17:23 wint Views(106) Comments(0) Diggs(0)
php加密
The key types of cryptography with which a PHP developer should be familiar are as follows:Symmetric cryptographyAsymmetric (public key) cryptographyCryptographic hash functions (message digests)Message authentication codes (MACs)The majority of this appendix focuses on symmetric cryptography using Read More
posted @ 2014-04-04 17:22 wint Views(152) Comments(0) Diggs(0)
总结ThinkPHP使用技巧经验分享(一)
找了一些使用THinkPHP的心得和技巧,分享给大家约定:1.所有类库文件必须使用.class.php作为文件后缀,并且类名和文件名保持一致2.控制器的类名以Action为后 缀3.模型的类名以Model为后缀,类名第一个字母须大写4.数据库表名全部采用小写,如:数据表名: 前缀_表名模型类名: 表名Model 注:这里的表名第一个字母要大写创建对象: D('表名') 注:这里的表名第一个字母要大写定义控制器类class IndexAction extends Action{public function show(){echo '这是新的 show 操作';} Read More
posted @ 2014-04-04 17:22 wint Views(118) Comments(0) Diggs(0)
总结ThinkPHP使用技巧经验分享(二)
继续分享:循环输出volist 还有别名 iterate模版赋值:$User = D('User')$list = $User->findAll()$this->assign('list',$list)模版定义:{$vo.name}注意 name 和 id 表示的含义// 输出 list 的第 5~15 条记录{$vo.name}// 输出偶数记录{$vo.name}// 输出 key{$k}.{$vo.name}//子循环输出{$sub.name}Switch 标签value1value2default其 中name 属性可以使用函数以及系统变量, Read More
posted @ 2014-04-04 17:22 wint Views(117) Comments(0) Diggs(0)
session加密存储到数据库
iv = $iv;$crypt->ciphertext = $ciphertext;$crypt->decrypt();return $crypt->cleartext;}return '';}function _write($id, $data){This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks .global $_sess_db;$access = time();$crypt = Read More
posted @ 2014-04-04 17:22 wint Views(263) Comments(0) Diggs(0)
如何存储信用卡账号
cleartext = '1234567890123456';$crypt->generate_iv();$crypt->encrypt();$ciphertext = $crypt->ciphertext;$iv = $crypt->iv;$string = base64_encode($iv . $ciphertext);?>Store this string in the database. Upon retrieval, reverse this process as follows:iv = $iv;$crypt->cipherte Read More
posted @ 2014-04-04 17:22 wint Views(122) Comments(0) Diggs(0)
php危险函数&php代码审计
1.eval()The eval( )function is used for evaluating a string as PHP. For example:2. exec( )Try to avoid using shell command functions, but when you require them, be sure to use only filtered, escaped data in the construction of thecommand to be executed:3.file( );当allow_url_fopen = On;时file()可以读取远程文件 Read More
posted @ 2014-04-04 17:22 wint Views(225) Comments(0) Diggs(0)
数据库安全
数据库安全SetEnv DB_USER "myuser"SetEnv DB_PASS "mypass"SetEnvis an Apache directive, and the format of this file instructs Apache to create environment variables for your database username andpassword. Of course, the key to this technique is that only the rootuser can read the file. Read More
posted @ 2014-04-04 17:22 wint Views(131) Comments(0) Diggs(0)
session注入,最好的防御方式是将session存储到数据库
1.index.phpread()){if (substr($filename, 0, 5) == 'sess_'){$sess_data = file_get_contents("$path/$filename");if (!empty($sess_data)){session_decode($sess_data);$sess_data = $_SESSION;$_SESSION = array();$sess_name = substr($filename, 5);$sess_name = htmlentities($sess_name, ENT_QUO Read More
posted @ 2014-04-04 17:22 wint Views(468) Comments(0) Diggs(0)
session_decode — Decodes session data from a string
session_decode— Decodes session data from a stringDescriptionboolsession_decode( string$data)session_decode()decodes the session data indata, setting variables stored in the session.ParametersdataThe encoded data to be stored.Return ValuesReturnsTRUEon success orFALSEon failure. Read More
posted @ 2014-04-04 17:21 wint Views(128) Comments(0) Diggs(0)
php遍历打印session
通常情况下php是不知道sssion存储到哪的,可以使用下面的代码获取所有session文件数据read()){ if(substr($filename, 0,5)=='sess_') { $data=file_get_contents("$path/$filename"); if(!empty($data)) { session_decode($data); $session=$_SESSION; $_SESSION=array(); echo "Session [".substr($filename, 5)."]\n&quo Read More
posted @ 2014-04-04 17:21 wint Views(1332) Comments(0) Diggs(0)
保护登录密码
When to use JavaScript hashingIn general, it is best to use SSL to protect passwords. This provides stronger protection than any JavaScript hashing, and is becoming easier all the time. SSL certificates can now be obtainedfor free. Also, the performance impact of SSL is becoming less (more...). If S Read More
posted @ 2014-04-04 17:21 wint Views(149) Comments(0) Diggs(0)
高级加密
Most of the ideas in this section are hypothetical, although some have been implemented successfully. I would be interested to hear from people who try to implement anything on this page.If JavaScipt is not AvailableIf JavaScipt is not available, the site has a choice - it can either allow a login w Read More
posted @ 2014-04-04 17:21 wint Views(176) Comments(0) Diggs(0)
安全登录验证
1.db security;table useruse security;create table user(username varchar(25) primary key,password varchar(32) not null,identifier varchar(32) ,token varchar(32) ,timeout int);2.登录页面3.处理登录页面dologin.php";echo $timeout;setcookie('auth',"$identifier:$token",$timeout);?>4.关键信息页面进 Read More
posted @ 2014-04-04 17:21 wint Views(260) Comments(0) Diggs(0)
暴力破解用户名密码
$username[$i],'password'=>$password[$i]); }}echo "检测到的用户名-密码";foreach ($hit as $item){ echo $item['username']."".$item['password']."";} Read More
posted @ 2014-04-04 17:21 wint Views(346) Comments(0) Diggs(0)
防止爆破的安全的登录验证
$max){/* Less than 15 seconds since last failure */}elseif ($record['password'] == $clean['password']){/* Successful Login */}else{/* Failed Login */$sql = "UPDATE usersSET last_failure = '$now'WHERE username = '{$mysql['username']}'";mysql_query($sq Read More
posted @ 2014-04-04 17:21 wint Views(581) Comments(0) Diggs(0)
伪造ip,不能伪造remote_addr
<?phpheader('Content-tyep:text/html;charset=utf8');$ch = curl_init();$url = "http://localhost/tp/target_ip.php";$header = array('CLIENT-IP:58.68.44.61','X-FORWARDED-FOR:58.68.44.61',);curl_setopt($ch, CURLOPT_URL, $url);curl_setopt($ch, CURLOPT_HTTPHEADER, $heade Read More
posted @ 2014-04-04 17:21 wint Views(1475) Comments(0) Diggs(0)
缓存扩展
posted @ 2014-04-04 17:20 wint Views(86) Comments(0) Diggs(0)
安装和使用memcached
引用:http://www.czhphp.com/archives/252如何将 memcached 融入到您的环境中?在开始安装和使用 using memcached 之前,我们需要了解如何将 memcached 融入到您的环境中。虽然在任何地方都可以使用 memcached,但我发现需要在数据库层中执行几个经常性查询时,memcached 往往能发挥最大的效用。我经常会在数据库和应用服务器之间设置一系列 memcached 实例,并采用一种简单的模式来读取和写入这些服务器。图 1 可以帮助您了解如何设置应用程序体系结构:图 1. 使用 memcached 的示例应用程序体系结构体系结构相当 Read More
posted @ 2014-04-04 17:20 wint Views(90) Comments(0) Diggs(0)
IE=edge 让浏览器使用最新的渲染模式
IE=edge 让浏览器使用最新的渲染模式Bootstrap不支持IE的兼容模式。为了让IE浏览器运行最新的渲染模式,建议将此标签加入到你的页面中: Read More
posted @ 2014-04-04 17:20 wint Views(164) Comments(0) Diggs(0)
bzf架构
3.1. 开源框架bzfshop 采用了很多开源的框架和库来组织我们整个代码,这些开源库是你首先需要了解的东西,否则一些代码调用你会完全看不懂。如果你对这些开源系统不熟悉的话,建议你先 Google 学习这些开源系统,通读它们的文档,等你对这些系统本身已经有足够的了解之后再去看 bzfshop 的代码。F3: Fat Free Framework 是一个 PHP 框架,我们用它实现了 路由、缓存、数据库访问,了解F3 框架是读懂 bzfshop 的第一步。我们使用 F3 框架最主要的原因就是它够小、够轻、够用。Smarty: PHP 著名的模版引擎,关于 PHP 是否有必要用模版还有很多的争论 Read More
posted @ 2014-04-04 17:20 wint Views(396) Comments(0) Diggs(0)
smarty一个严重的漏洞
{literal}{/literal} Read More
posted @ 2014-04-04 17:20 wint Views(633) Comments(0) Diggs(0)
内核控制Meta标签:让360浏览器默认使用极速模式打开网页
内核控制Meta标签:让360浏览器默认使用极速模式打开网页Posted on2014/01/09by极地阳光使用wordpress的模板默认是不支持低版本IE的。现在360浏览器的装机量又那么大,,独独只有ie浏览器的访客越来越少,,为了让网站页面不那么臃肿,也懒的理IE了,同时兼顾更多的国内双核浏览器,在网页页头中添加了下面两行Meta控制标签。1,网页头部加入360浏览器就会在读取到这个标签后,立即切换对应的极速核。2,另外为了保险起见再加入这样写可以达到的效果是如果安装了GCF,则使用GCF来渲染页面,如果没有安装GCF,则使用最高版本的IE内核进行渲染。X-UA-Compatible Read More
posted @ 2014-04-04 17:20 wint Views(282) Comments(0) Diggs(0)
https登录
posted @ 2014-04-04 17:20 wint Views(614) Comments(0) Diggs(0)
Mongodb在Windows下安装及配置
Mongodb在Windows下安装及配置分类:NoSQL mongodb数据库/sql2011-01-08 19:4427680人阅读评论(10)收藏举报mongodbwindows数据库cmdservice1.下载mongodb的windows版本,有32位和64位版本,根据系统情况下载,下载地址:http://www.mongodb.org/downloads2.解压缩至D:/mongodb即可3.创建数据库文件的存放位置,比如D:/mongodb/data/db。启动mongodb服务之前需要必须创建数据库文件的存放文件夹,否则命令不会自动创建,而且不能启动成功。默认文件夹路径为c:/ Read More
posted @ 2014-04-04 17:20 wint Views(91) Comments(0) Diggs(0)
几段有趣的代码
1.Registry是一个全局注册表//base.phpstatic function instance() { if (!Registry::exists($class=get_called_class())) { $ref=new Reflectionclass($class); $args=func_get_args(); Registry::set($class, $args?$ref->newinstanceargs($args):new $class); } return Registry::get($class); }2. class AlipayPlugin extend Read More
posted @ 2014-04-04 17:20 wint Views(121) Comments(0) Diggs(0)
创建浮动菜单
Insert title here Menu Item 1 Sub link 1 Sub link 2 Sub link 3 Menu Item 2 Sub menu 3rd level menu Sub link 1 Sub link 2 Sub link 3 Sub Link1 Sub Link1 ... Read More
posted @ 2014-04-04 17:19 wint Views(249) Comments(0) Diggs(0)
有一定金额(m)的钱,要求生成 n 个红包,每个红包中的钱数是 1--100的随机数
";print_r($arr);echo "";echo "sum:".array_sum($arr);?> Read More
posted @ 2014-04-04 17:19 wint Views(991) Comments(0) Diggs(0)
json_last_error
posted @ 2014-04-04 17:19 wint Views(197) Comments(0) Diggs(0)