服务器对肯定存在于正确目录中的资源给出 410 错误
Pad*_*han 5 php .htaccess http http-status-code-410 server
我正在创建一个电子商务网站,我以前一直使用 Magento,但现在改为自定义构建的网站。
在这个网站上,我创建了一个名为 的页面create_account.php,这在一段时间内表现良好并且运行良好,但随后它开始抛出我以前从未见过的 410 错误。做了一些研究,可以发现这表明该文件确实存在,但不再存在。
我认为很公平,也许 Magento 有一个同名的文件,并且它有该文件被删除的记录,因此它停止读取我的文件,所以我将创建它的副本,将其命名为其他名称并更改对此的所有引用文件更改为新名称account_create.php,并在我的文件中放入一行.htaccess,以将可能会转到第一个文件的用户重定向到我的新文件,但我将原始文件留在了服务器上。
这在多台计算机/浏览器/网络等上运行了一段时间(我谈论的是几天而不是几小时/分钟),但后来发生了同样的事情。这次我认为这不可能是 Magento 留下的东西或服务器仍然有记录的其他东西,但如果上次修复有效,我会尝试一下,看看效果如何。
现在,这种情况已经发生了 6 次,同一个文件有 6 个不同的文件名,在一个月内它运行了几天,然后服务器说该文件消失了。然而,所有 6 个文件仍然位于我服务器的主目录中。我有一个带有新名称的第七个版本,目前正在运行,但我不抱希望,我的.htaccess文件变得很荒谬。
RewriteRule ^create_account/?$ create.php [L,NC,QSA]
RewriteRule ^createaccount/?$ create.php [L,NC,QSA]
RewriteRule ^accountcreate/?$ create.php [L,NC,QSA]
RewriteRule ^account_create/?$ create.php [L,NC,QSA]
RewriteRule ^account_creation/?$ create.php [L,NC,QSA]
RewriteRule ^accountcreation/?$ create.php [L,NC,QSA]
我开始怀疑实际的文件本身,尽管在 WAMP 上本地一切都工作正常,并且在这种情况发生之前它可以正常工作一段时间。这是该文件的内容:
<?php
$active_country_id = $_SESSION["active_country_id"];
$active_country_name = $_SESSION["active_country_name"];
$active_country_code = $_SESSION["active_country_code"];
$active_country_currency = $_SESSION["active_country_currency"];
$active_country_vat = $_SESSION["active_country_vat"];
$active_country_braintree = $_SESSION["active_country_braintree"];
$message = "";
$first_name = "";
$last_name = "";
if(isset($_POST['company_name'])){$company = $_POST['company_name'];}else{$company = "";}
$email = "";
$phone = "";
$password1 = "";
$password2 = "";
$parsed = "";
if(isset($_GET['id']) && $_GET['id'] != ""){
$id = $_GET['id'];
$params = [$id];
$sql = "SELECT * FROM customers WHERE id=?";
$stmt = DB::run($sql,$params);
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
$first_name = $row["first_name"];
$last_name = $row["last_name"];
$email = $row["email"];
}
}
if (isset($_POST['first_name'])){
if (isset($_POST['first_name']) && $_POST['first_name']!=""){
$first_name = $_POST['first_name'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "First Name is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['last_name']) && $_POST['last_name']!=""){
$last_name = $_POST['last_name'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Surname is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['email']) && $_POST['email']!=""){
$email = $_POST['email'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Email is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['phone']) && $_POST['phone']!=""){
$phone = $_POST['phone'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Phone Number is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['password1']) && $_POST['password1']!=""){
$password1 = $_POST['password1'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Both password fields are required";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['password2']) || $_POST['password2']!=""){
$password2 = $_POST['password2'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Both password fields are required";
$message .= "</div>";
$parsed = "false";
}
if ($_POST['password1'] == $_POST['password2']){
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Password fields must match";
$message .= "</div>";
$parsed = "false";
}
if($parsed == "true")
{
$params = [$email];
$sql = "SELECT * FROM customers WHERE email=?";
$stmt = DB::run($sql,$params);
$customerCount = $stmt->rowCount();
if ($customerCount < 0) {
$message .= "<div id='warning'>";
$message .= "A customer with this email address already exists";
$message .= "</div>";
}else{
if(isset($_GET['id']) && $_GET['id'] != ""){
$customer_id = $_GET['id'];
$params1 = [$first_name,$last_name,$email,$password1,$company,$phone,$customer_id];
$sql1 = "UPDATE customers set first_name=?, last_name=?, email=?, password=?, last_log_date=now(), company=?, phone=? WHERE id=?";
$stmt1 = DB::run($sql1,$params1);
}else{
$params2 = [$first_name,$last_name,$email,$password1,$company,$phone];
var_dump($params2);
$sql2 = "INSERT INTO customers (first_name, last_name, email, password, last_log_date, company, phone) VALUES(?,?,?,?,now(),?,?)";
$stmt2 = DB::run($sql2,$params2);
$customer_id = DB::lastInsertId();
}
$to = $email;
$subject = "Your example.com account";
$message_header = file_get_contents("mail/email_header.php");
$message_content = file_get_contents("mail/account_created.php");
$message_content = str_replace('%first_name%', $first_name, $message_content);
$message_content = str_replace('%last_name%', $last_name, $message_content);
$message_content = str_replace('%email%', $email, $message_content);
$message_footer = file_get_contents("mail/email_footer.php");
$message_to_send = $message_header.$message_content.$message_footer;
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= "From: support@example.com" . "\r\n";
$headers .= "Reply-To: support@example.com" . "\r\n";
mail($to,$subject,$message_to_send,$headers);
$cookie_string = $customer_id.'%'.$first_name.'%'.$last_name;
$cipher = 'aes128';
$key = '*****';
$iv = '****************';
$encrypted_cookie_string = openssl_encrypt($cookie_string,$cipher,$key,$options=0,$iv);
setcookie("example_customer",$encrypted_cookie_string,time()+(60*60*24*30),"/");
header("location: create");
}
}
}
if(isset($_COOKIE["example_customer"])){
header("location: account");
exit();
}
?>
<!DOCTYPE html>
<html>
<head>
<?php include_once("analytics.php"); ?>
<?php include_once("base.php"); ?>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
<link rel="stylesheet" href="web/style.css" type="text/css" media="screen"/>
<link rel="shortcut icon" type="image/ico" href="web/favicon.ico"/>
<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
<script src="web/script.js"></script>
<title>
</title>
</head>
<body>
<div id="mainWrapper">
<div id="pageHeader">
<?php include_once("page_header.php"); ?>
</div>
<div id="pageContent">
<!--<div id="sidebar">
<?php include_once("page_sidebar.php"); ?>
</div>-->
<div id="mainContent">
<center>
<?php echo $message ?>
<form id="create_account_form" name="create_account_form" method="post" action="create">
<center><img src="web/example_logo_bg.png"></center>
<h2>Create Account</h2>
First Name:
<br />
<input name="first_name" type="text" id="first_name" size="40" placeholder="First Name">
<br /><br />
Surname:
<br />
<input name="last_name" type="text" id="last_name" size="40" placeholder="Last Name"/>
<br /><br />
Company Name:
<br />
<input name="company_name" type="text" id="company_name" size="40" placeholder="Company Name"/>
<br /><br />
Email:
<br />
<input name="email" type="text" id="email" size="40" placeholder="Email"/>
<br /><br />
Phone Number:
<br />
<input name="phone" type="text" id="phone" size="40" placeholder="Phone Number"/>
<br /><br />
Password:
<br />
<input name="password1" type="password" id="password1" size="40" placeholder="Password"/>
<br /><br />
Confirm Password:
<br />
<input name="password2" type="password" id="password2" size="40" placeholder="Password"/>
<br /><br />
<center>
<button name="create_account" id="create_account" onclick=this.form.submit();>Create Account</button>
</center>
</form>
</center>
</div>
</div>
</div>
</body>
</html>
我正在寻求对 410 错误本身或可能导致此错误的原因有更多的了解。
编辑
我的完整.htaccess文件:
Options -MultiViews
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^category/([0-9a-zA-Z-]+)/?$ category.php?id=$1 [L,NC,QSA]
RewriteRule ^product/([0-9a-zA-Z-]+)/?$ product.php?id=$1 [L,NC,QSA]
RewriteRule ^product/([0-9a-zA-Z-]+)/added?$ product.php?id=$1&added=added [L,NC,QSA]
RewriteRule ^page/([0-9a-zA-Z-]+)/?$ page.php?page_id=$1 [L,NC,QSA]
RewriteRule ^order/([0-9a-zA-Z-]+)/?$ order.php?id=$1 [L,NC,QSA]
RewriteRule ^create_account/?$ creation.php [L,NC,QSA]
RewriteRule ^createaccount/?$ creation.php [L,NC,QSA]
RewriteRule ^accountcreate/?$ creation.php [L,NC,QSA]
RewriteRule ^account_create/?$ creation.php [L,NC,QSA]
RewriteRule ^account_creation/?$ creation.php [L,NC,QSA]
RewriteRule ^accountcreation/?$ creation.php [L,NC,QSA]
RewriteRule ^create/?$ creation.php [L,NC,QSA]
RewriteRule ^([^\.]+)$ $1.php [L,NC,QSA]
如果可能的话,我想确认 php 文件是否正常,或者至少如果它有问题,它会抛出一个常见的 php 错误,而不是一个 http 响应,说明该文件不再存在。
通过联系我的共享域名托管服务商解决了这个问题。
尽管从技术上讲该文件没有任何问题并且按预期工作,但它被域名托管服务商标记为恶意文件。
我仍在等待他们是否可以提供更多有关为什么这被视为恶意的信息。
| 归档时间: |
|
| 查看次数: |
1591 次 |
| 最近记录: |