如何在HTML中显示源文件.php?
我有以下PHP脚本(file.php),它显示当前时间并显示用户的输入:
Current time:
<?php
$time=time();
$actual_time=date('H:i:s',$time);
echo $actual_time;
//show user input
$enter=@$_POST['enter'];
echo '<br>Input: '.$enter;
?>
<form action="" method="POST">
<input type="text" name="enter">
<input type="submit" value="Refresh">
</form>
默认情况下,页面显示:
如果我输入eg <strong>test</strong>,我看到:
如果我进入<iframe src="file.php"></iframe>,我可以在一个较小的窗口中重新加载页面:
那么,现在,如何通过在INPUT文本字段中提交某些HTML代码来显示原始PHP脚本(file.php)?
Dan*_*ndo 11
<?php
// Disable a WebKit security feature
// which would prevent from showing the source code.
header('X-XSS-Protection: 0');
if (isset($_GET['source']) || isset($_POST['source'])) {
$source = file_get_contents(__FILE__);
// To prevent this control from showing up
// in the output source code
// enable the code below.
/*
$lines_to_remove = 26;
$source = explode("\n", $source, $lines_to_remove);
$source = $source[$lines_to_remove - 1];
*/
$source = highlight_string($source, true);
echo $source;
return;
}
?>
Current time:
<?php
$time=time();
$actual_time=date('H:i:s',$time);
echo $actual_time;
//show user input
$enter=@$_POST['enter'];
echo '<br>Input: '.$enter;
?>
<form action="" method="POST">
<input type="text" name="enter">
<input type="submit" value="Refresh">
</form>
