PHP and Thinkphp simulated message board to deal with XSS attack (super complete!)
XSS attack principle and protection
Brief introduction
XSS (Cross-Site Scripting) is a common Web attack. Through this attack, users can be made to perform a series of malicious operations, such as stealing, tampering with or adding users' data, or they can be lured to phishing sites.
Attack principle
A common way is to use unfiltered parameters to pass ...
Added by Nothsa on Thu, 28 May 2020 07:50:18 +0300
Eggjs learning notes day 34: eggjs post management login and background permission judgment
1. Login verification. Other pages cannot be accessed without logging in.
Use middleware in egg to determine whether the user has logged in.
Create a middleware folder under app, create a new adminauth.js file in it, and type:
var url = require("url");
module.exports = options => {
return async function adminauth(ctx, next) {
// 1. The user does not log ...
Added by Far Cry on Wed, 20 May 2020 18:13:33 +0300
PHP7 production environment queue Beanstalkd correct use posture
Application scenario
Why use it? What's the advantage? This should be put at the beginning to say that only when you know what it is and what it is suitable for, can you better integrate it with your own projects. Where to use it and where to learn it? Learning it doesn't mean learning it doesn't mean we won't. We should usually consider more s ...
Added by arfa on Tue, 19 May 2020 08:46:14 +0300
PHP uses Redis in seven common scenarios
Redis is an open source, network-enabled, memory-based and persistent log-type key-value database written in ANSI C, and it provides APIs for multiple languages.
This article focuses on the main scenarios for using Redis with PHP.
Simple string cache in practice
$redis->connect('127.0.0.1', 6379);
$strCacheKey = 'Test_bihu';
//SET Application ...
Added by chadbobb on Tue, 12 May 2020 09:51:38 +0300
Take a quick look at Nginx
1. Basic knowledge of Nginx
1. What is Nginx?
Nginx is an open source, lightweight, high-performance HTTP server and reverse proxy server. It is characterized by low memory use and strong concurrency.
2. What does Nginx do?
It can be used as an HTTP server to access and publish websites. It can also be used as a reverse proxy server to achieve load ...
Added by marian on Thu, 07 May 2020 14:43:36 +0300
De1CTF 2020 web [hard_pentest_1] character free injection & SYSVOL restore group policy password
Opening the page gives the source code directly. It is a file upload that checks the file size and passes the file through a Check() function, so take a look at the Check() function:
function Check(){
$BlackExts = array("php");
$ext = explode(".", $_FILES["file"]["name"]);
$exts = trim(end($ext));
$file_content = file_get_contents($_FILES["file"]["tmp ...
Added by mrjameer on Thu, 07 May 2020 10:23:40 +0300
Access Control Implementation in Solidity Contracts: Ownable | Roles | AccessControl
OpenZeppelin provides three access control modes for smart contracts: the Ownable contract, the Roles library, and the AccessControl contract, which is new in 3.0. In this tutorial, we will learn about the differences among the three access control modes and how to use them to enhance the security of Solidity contracts in your own Ethereum smart contracts.
Le ...
Added by netfrugal on Wed, 06 May 2020 00:12:49 +0300
Mixed query of tp5+Mongodb and Mysql database
Preface
MongoDB mass data query is fast without data model
Suitable for log database
Or the intermediate database reads and stores some business data to be read from the MySQL database
MongoDB is not suitable for multi-table transactions, and there is no good determination mechanism for write operations. It is not suitabl ...
Added by steved on Tue, 05 May 2020 01:46:33 +0300
Thinkphp5.0 paging and skipping
In order to improve user experience when there are many pages, you need to add a skip page, that is, manually enter the number of pages to quickly jump to the specified page. Because it's difficult to write pages manually, and you want to use the pages provided by TP5, but the pages provided by TP5 are relatively simple, so you can customize th ...
Added by sweetstuff2003 on Sat, 02 May 2020 10:12:22 +0300
Simple operation of php and mysql
MySQL is a fast, reliable and easy-to-use database system running on the server, which is often combined with PHP for web development.
There are two ways for PHP to connect to MySQL:
mysqli ('i' means improved): only for MySQL
PDO (PHP Data Objects): can be used with many databases
mysqli connection mode can be divide ...
Added by hightechredneck on Sat, 02 May 2020 00:52:55 +0300