≡ 分类 ≡
≡ 推荐 ≡
- PHP Token 认证机制实现
- PHP PDO预处理条件查询
- JavaScript 默认值设置方法
- Promise 的基本使用方法
- 完整支持TRUNCATE TABLE和其他SQL语句的导入方案
- Jquery+ajax返回的数据类型为script,且含有多个变量
- PHP类使用详解
- jQuery AJAX success 回调中的返回值处理
- PHP解压缩Gzip文件方法总结
- JavaScript Promise 用法详解
- PHP PDO 导出指定表数据(导入前清空表)
- PHP 中使用 try-catch 捕获错误信息
- JavaScript数组求平均值方法总结
- MySQL 5.7 忘记 root 密码解决方法
- HTML 图片异步加载
- 根据某数组,在另一个数组中检索并输出对应值
≡ 热点 ≡
- 用Javascript为图片img添加onclick事件
- 图解Windows Installer制作软件安装包
- 轻型数据库SQLite结合PHP的研发
- 在没有MySQL支持的虚拟主机,在PHP中使用文本数据库
- PHP之glob函数
- DIY服务器硬盘RAID选用
- PHP代码优化及PHP相关问题总结
- Windows操作系统发展历史二
- 用PHP函数解决SQL injection
- ISP如何在网内部署BGP路由协议
- Div+CSS:absolute与relative
- Photoshop CS3:为美女刷出亮白牙齿
- PHP CURL 发送和接收XML数据
- 采集cz88.net免费代理的小程序
- Fireworks打造热力四射手机广告
- 记录搜索蜘蛛爬行记录的Asp代码
以特定类型输出文件的问题
作者:不详, 来源:网络, 阅读:71, 发布时间:2014-05-19
这个自动判断文件类型并以特定文件头输出的程序,自己测试基本可用,望大家帮忙分析有无漏洞,请多提宝贵意见!
$fn = $_GET['file'];
$fn = eregi_replace("^.*/","",$fn);
$ft = eregi_replace("^.*.","",$fn);
$mime = array();
$mime['123'] = "application/vnd.lotus-1-2-3";
$mime['3gp'] = "video/3gpp";
$mime['aab'] = "application/x-authoware-bin";
$mime['aam'] = "application/x-authoware-map";
$mime['aas'] = "application/x-authoware-seg";
$mime['ai'] = "application/postscript";
$mime['aif'] = "audio/x-aiff";
$mime['aifc'] = "audio/x-aiff";
$mime['aiff'] = "audio/x-aiff";
$mime['als'] = "audio/X-Alpha5";
$mime['amc'] = "application/x-mpeg";
$mime['ani'] = "application/octet-stream";
$mime['asc'] = "text/plain";
$mime['asd'] = "application/astound";
$mime['asf'] = "video/x-ms-asf";
$mime['asn'] = "application/astound";
$mime['asp'] = "application/x-asap";
$mime['asx'] = "video/x-ms-asf";
$mime['au'] = "audio/basic";
$mime['avb'] = "application/octet-stream";
$mime['avi'] = "video/x-msvideo";
$mime['awb'] = "audio/amr-wb";
$mime['bcpio'] = "application/x-bcpio";
$mime['bin'] = "application/octet-stream";
$mime['bld'] = "application/bld";
$mime['bld2'] = "application/bld2";
$mime['bmp'] = "application/x-MS-bmp";
$mime['bpk'] = "application/octet-stream";
$mime['bz2'] = "application/x-bzip2";
$mime['cal'] = "image/x-cals";
$mime['ccn'] = "application/x-cnc";
$mime['cco'] = "application/x-cocoa";
$mime['cdf'] = "application/x-netcdf";
$mime['cgi'] = "magnus-internal/cgi";
$mime['chat'] = "application/x-chat";
$mime['class'] = "application/octet-stream";
$mime['clp'] = "application/x-msclip";
$mime['cmx'] = "application/x-cmx";
$mime['co'] = "application/x-cult3d-object";
$mime['cod'] = "image/cis-cod";
$mime['cpio'] = "application/x-cpio";
$mime['cpt'] = "application/mac-compactpro";
$mime['crd'] = "application/x-mscardfile";
$mime['csh'] = "application/x-csh";
$mime['csm'] = "chemical/x-csml";
$mime['csml'] = "chemical/x-csml";
$mime['css'] = "text/css";
$mime['cur'] = "application/octet-stream";
$mime['dcm'] = "x-lml/x-evm";
$mime['dcr'] = "application/x-director";
$mime['dcx'] = "image/x-dcx";
$mime['dhtml'] = "text/html";
$mime['dir'] = "application/x-director";
$mime['dll'] = "application/octet-stream";
$mime['dmg'] = "application/octet-stream";
$mime['dms'] = "application/octet-stream";
$mime['doc'] = "application/msword";
$mime['dot'] = "application/x-dot";
$mime['dvi'] = "application/x-dvi";
$mime['dwf'] = "drawing/x-dwf";
$mime['dwg'] = "application/x-autocad";
$mime['dxf'] = "application/x-autocad";
$mime['dxr'] = "application/x-director";
$mime['ebk'] = "application/x-expandedbook";
$mime['emb'] = "chemical/x-embl-dl-nucleotide";
$mime['embl'] = "chemical/x-embl-dl-nucleotide";
$mime['eps'] = "application/postscript";
$mime['eri'] = "image/x-eri";
$mime['es'] = "audio/echospeech";
$mime['esl'] = "audio/echospeech";
$mime['etc'] = "application/x-earthtime";
$mime['etx'] = "text/x-setext";
$mime['evm'] = "x-lml/x-evm";
$mime['evy'] = "application/x-envoy";
$mime['exe'] = "application/octet-stream";
$mime['fh4'] = "image/x-freehand";
$mime['fh5'] = "image/x-freehand";
$mime['fhc'] = "image/x-freehand";
$mime['fif'] = "image/fif";
$mime['fm'] = "application/x-maker";
$mime['fpx'] = "image/x-fpx";
$mime['fvi'] = "video/isivideo";
$mime['gau'] = "chemical/x-gaussian-input";
$mime['gca'] = "application/x-gca-compressed";
$mime['gdb'] = "x-lml/x-gdb";
$mime['gif'] = "image/gif";
$mime['gps'] = "application/x-gps";
$mime['gtar'] = "application/x-gtar";
$mime['gz'] = "application/x-gzip";
$mime['hdf'] = "application/x-hdf";
$mime['hdm'] = "text/x-hdml";
$mime['hdml'] = "text/x-hdml";
$mime['hlp'] = "application/winhlp";
$mime['hqx'] = "application/mac-binhex40";
$mime['htm'] = "text/html";
$mime['html'] = "text/html";
$mime['hts'] = "text/html";
$mime['ice'] = "x-conference/x-cooltalk";
$mime['ico'] = "application/octet-stream";
$mime['ief'] = "image/ief";
$mime['ifm'] = "image/gif";
$mime['ifs'] = "image/ifs";
$mime['imy'] = "audio/melody";
$mime['ins'] = "application/x-NET-Install";
$mime['ips'] = "application/x-ipscript";
$mime['ipx'] = "application/x-ipix";
$mime['it'] = "audio/x-mod";
$mime['itz'] = "audio/x-mod";
$mime['ivr'] = "i-world/i-vrml";
$mime['j2k'] = "image/j2k";
$mime['jad'] = "text/vnd.sun.j2me.app-descriptor";
$mime['jam'] = "application/x-jam";
$mime['jar'] = "application/java-archive";
$mime['jnlp'] = "application/x-java-jnlp-file";
$mime['jpe'] = "image/jpeg";
$mime['jpeg'] = "image/jpeg";
$mime['jpg'] = "image/jpeg";
$mime['jpz'] = "image/jpeg";
$mime['js'] = "application/x-javascript";
$mime['jwc'] = "application/jwc";
$mime['kjx'] = "application/x-kjx";
$mime['lak'] = "x-lml/x-lak";
$mime['latex'] = "application/x-latex";
$mime['lcc'] = "application/fastman";
$mime['lcl'] = "application/x-digitalloca";
$mime['lcr'] = "application/x-digitalloca";
$mime['lgh'] = "application/lgh";
$mime['lha'] = "application/octet-stream";
$mime['lml'] = "x-lml/x-lml";
$mime['lmlpack'] = "x-lml/x-lmlpack";
$mime['lsf'] = "video/x-ms-asf";
$mime['lsx'] = "video/x-ms-asf";
$mime['lzh'] = "application/x-lzh";
$mime['m13'] = "application/x-msmediaview";
$mime['m14'] = "application/x-msmediaview";
$mime['m15'] = "audio/x-mod";
$mime['m3u'] = "audio/x-mpegurl";
$mime['m3url'] = "audio/x-mpegurl";
$mime['ma1'] = "audio/ma1";
$mime['ma2'] = "audio/ma2";
$mime['ma3'] = "audio/ma3";
$mime['ma5'] = "audio/ma5";
$mime['man'] = "application/x-troff-man";
$mime['map'] = "magnus-internal/imagemap";
$mime['mbd'] = "application/mbedlet";
$mime['mct'] = "application/x-mascot";
$mime['mdb'] = "application/x-msaccess";
$mime['mdz'] = "audio/x-mod";
$mime['me'] = "application/x-troff-me";
$mime['mel'] = "text/x-vmel";
$mime['mi'] = "application/x-mif";
$mime['mid'] = "audio/midi";
$mime['midi'] = "audio/midi";
$mime['mif'] = "application/x-mif";
$mime['mil'] = "image/x-cals";
$mime['mio'] = "audio/x-mio";
$mime['mmf'] = "application/x-skt-lbs";
$mime['mng'] = "video/x-mng";
$mime['mny'] = "application/x-msmoney";
$mime['moc'] = "application/x-mocha";
$mime['mocha'] = "application/x-mocha";
$mime['mod'] = "audio/x-mod";
$mime['mof'] = "application/x-yumekara";
$mime['mol'] = "chemical/x-mdl-molfile";
$mime['mop'] = "chemical/x-mopac-input";
$mime['mov'] = "video/quicktime";
$mime['movie'] = "video/x-sgi-movie";
$mime['mp2'] = "audio/x-mpeg";
$mime['mp3'] = "audio/x-mpeg";
$mime['mp4'] = "video/mp4";
$mime['mpc'] = "application/vnd.mpohun.certificate";
$mime['mpe'] = "video/mpeg";
$mime['mpeg'] = "video/mpeg";
$mime['mpg'] = "video/mpeg";
$mime['mpg4'] = "video/mp4";
$mime['mpga'] = "audio/mpeg";
$mime['mpn'] = "application/vnd.mophun.application";
$mime['mpp'] = "application/vnd.ms-project";
$mime['mps'] = "application/x-mapserver";
$mime['mrl'] = "text/x-mrml";
$mime['mrm'] = "application/x-mrm";
$mime['ms'] = "application/x-troff-ms";
$mime['mts'] = "application/metastream";
$mime['mtx'] = "application/metastream";
$mime['mtz'] = "application/metastream";
$mime['mzv'] = "application/metastream";
$mime['nar'] = "application/zip";
$mime['nbmp'] = "image/nbmp";
$mime['nc'] = "application/x-netcdf";
$mime['ndb'] = "x-lml/x-ndb";
$mime['ndwn'] = "application/ndwn";
$mime['nif'] = "application/x-nif";
$mime['nmz'] = "application/x-scream";
$mime['nokia-op-logo'] = "image/vnd.nok-oplogo-color";
$mime['npx'] = "application/x-netfpx";
$mime['nsnd'] = "audio/nsnd";
$mime['nva'] = "application/x-neva1";
$mime['oda'] = "application/oda";
$mime['oom'] = "application/x-AtlasMate-Plugin";
$mime['pac'] = "audio/x-pac";
$mime['pae'] = "audio/x-epac";
$mime['pan'] = "application/x-pan";
$mime['pbm'] = "image/x-portable-bitmap";
$mime['pcx'] = "image/x-pcx";
$mime['pda'] = "image/x-pda";
$mime['pdb'] = "chemical/x-pdb";
$mime['pdf'] = "application/pdf";
$mime['pfr'] = "application/font-tdpfr";
$mime['pgm'] = "image/x-portable-graymap";
$mime['pict'] = "image/x-pict";
$mime['pm'] = "application/x-perl";
$mime['pmd'] = "application/x-pmd";
$mime['png'] = "image/png";
$mime['pnm'] = "image/x-portable-anymap";
$mime['pnz'] = "image/png";
$mime['pot'] = "application/vnd.ms-powerpoint";
$mime['ppm'] = "image/x-portable-pixmap";
$mime['pps'] = "application/vnd.ms-powerpoint";
$mime['ppt'] = "application/vnd.ms-powerpoint";
$mime['pqf'] = "application/x-cprplayer";
$mime['pqi'] = "application/cprplayer";
$mime['prc'] = "application/x-prc";
$mime['proxy'] = "application/x-ns-proxy-autoconfig";
$mime['ps'] = "application/postscript";
$mime['ptlk'] = "application/listenup";
$mime['pub'] = "application/x-mspublisher";
$mime['pvx'] = "video/x-pv-pvx";
$mime['qcp'] = "audio/vnd.qcelp";
$mime['qt'] = "video/quicktime";
$mime['qti'] = "image/x-quicktime";
$mime['qtif'] = "image/x-quicktime";
$mime['r3t'] = "text/vnd.rn-realtext3d";
$mime['ra'] = "audio/x-pn-realaudio";
$mime['ram'] = "audio/x-pn-realaudio";
$mime['rar'] = "application/x-rar-compressed";
$mime['ras'] = "image/x-cmu-raster";
$mime['rdf'] = "application/rdf+xml";
$mime['rf'] = "image/vnd.rn-realflash";
$mime['rgb'] = "image/x-rgb";
$mime['rlf'] = "application/x-richlink";
$mime['rm'] = "audio/x-pn-realaudio";
$mime['rmf'] = "audio/x-rmf";
$mime['rmm'] = "audio/x-pn-realaudio";
$mime['rmvb'] = "audio/x-pn-realaudio";
$mime['rnx'] = "application/vnd.rn-realplayer";
$mime['roff'] = "application/x-troff";
$mime['rp'] = "image/vnd.rn-realpix";
$mime['rpm'] = "audio/x-pn-realaudio-plugin";
$mime['rt'] = "text/vnd.rn-realtext";
$mime['rte'] = "x-lml/x-gps";
$mime['rtf'] = "application/rtf";
$mime['rtg'] = "application/metastream";
$mime['rtx'] = "text/richtext";
$mime['rv'] = "video/vnd.rn-realvideo";
$mime['rwc'] = "application/x-rogerwilco";
$mime['s3m'] = "audio/x-mod";
$mime['s3z'] = "audio/x-mod";
$mime['sca'] = "application/x-supercard";
$mime['scd'] = "application/x-msschedule";
$mime['sdf'] = "application/e-score";
$mime['sea'] = "application/x-stuffit";
$mime['sgm'] = "text/x-sgml";
$mime['sgml'] = "text/x-sgml";
$mime['sh'] = "application/x-sh";
$mime['shar'] = "application/x-shar";
$mime['shtml'] = "magnus-internal/parsed-html";
$mime['shw'] = "application/presentations";
$mime['si6'] = "image/si6";
$mime['si7'] = "image/vnd.stiwap.sis";
$mime['si9'] = "image/vnd.lgtwap.sis";
$mime['sis'] = "application/vnd.symbian.install";
$mime['sit'] = "application/x-stuffit";
$mime['skd'] = "application/x-Koan";
$mime['skm'] = "application/x-Koan";
$mime['skp'] = "application/x-Koan";
$mime['skt'] = "application/x-Koan";
$mime['slc'] = "application/x-salsa";
$mime['smd'] = "audio/x-smd";
$mime['smi'] = "application/smil";
$mime['smil'] = "application/smil";
$mime['smp'] = "application/studiom";
$mime['smz'] = "audio/x-smd";
$mime['snd'] = "audio/basic";
$mime['spc'] = "text/x-speech";
$mime['spl'] = "application/futuresplash";
$mime['spr'] = "application/x-sprite";
$mime['sprite'] = "application/x-sprite";
$mime['spt'] = "application/x-spt";
$mime['src'] = "application/x-wais-source";
$mime['stk'] = "application/hyperstudio";
$mime['stm'] = "audio/x-mod";
$mime['sv4cpio'] = "application/x-sv4cpio";
$mime['sv4crc'] = "application/x-sv4crc";
$mime['svf'] = "image/vnd";
$mime['svg'] = "image/svg-xml";
$mime['svh'] = "image/svh";
$mime['svr'] = "x-world/x-svr";
$mime['swf'] = "application/x-shockwave-flash";
$mime['swfl'] = "application/x-shockwave-flash";
$mime['t'] = "application/x-troff";
$mime['tad'] = "application/octet-stream";
$mime['talk'] = "text/x-speech";
$mime['tar'] = "application/x-tar";
$mime['taz'] = "application/x-tar";
$mime['tbp'] = "application/x-timbuktu";
$mime['tbt'] = "application/x-timbuktu";
$mime['tcl'] = "application/x-tcl";
$mime['tex'] = "application/x-tex";
$mime['texi'] = "application/x-texinfo";
$mime['texinfo'] = "application/x-texinfo";
$mime['tgz'] = "application/x-tar";
$mime['thm'] = "application/vnd.eri.thm";
$mime['tif'] = "image/tiff";
$mime['tiff'] = "image/tiff";
$mime['tki'] = "application/x-tkined";
$mime['tkined'] = "application/x-tkined";
$mime['toc'] = "application/toc";
$mime['toy'] = "image/toy";
$mime['tr'] = "application/x-troff";
$mime['trk'] = "x-lml/x-gps";
$mime['trm'] = "application/x-msterminal";
$mime['tsi'] = "audio/tsplayer";
$mime['tsp'] = "application/dsptype";
$mime['tsv'] = "text/tab-separated-values";
$mime['tsv'] = "text/tab-separated-values";
$mime['ttf'] = "application/octet-stream";
$mime['ttz'] = "application/t-time";
$mime['txt'] = "text/plain";
$mime['ult'] = "audio/x-mod";
$mime['ustar'] = "application/x-ustar";
$mime['uu'] = "application/x-uuencode";
$mime['uue'] = "application/x-uuencode";
$mime['vcd'] = "application/x-cdlink";
$mime['vcf'] = "text/x-vcard";
$mime['vdo'] = "video/vdo";
$mime['vib'] = "audio/vib";
$mime['viv'] = "video/vivo";
$mime['vivo'] = "video/vivo";
$mime['vmd'] = "application/vocaltec-media-desc";
$mime['vmf'] = "application/vocaltec-media-file";
$mime['vmi'] = "application/x-dreamcast-vms-info";
$mime['vms'] = "application/x-dreamcast-vms";
$mime['vox'] = "audio/voxware";
$mime['vqe'] = "audio/x-twinvq-plugin";
$mime['vqf'] = "audio/x-twinvq";
$mime['vql'] = "audio/x-twinvq";
$mime['vre'] = "x-world/x-vream";
$mime['vrml'] = "x-world/x-vrml";
$mime['vrt'] = "x-world/x-vrt";
$mime['vrw'] = "x-world/x-vream";
$mime['vts'] = "workbook/formulaone";
$mime['wav'] = "audio/x-wav";
$mime['wax'] = "audio/x-ms-wax";
$mime['wbmp'] = "image/vnd.wap.wbmp";
$mime['web'] = "application/vnd.xara";
$mime['wi'] = "image/wavelet";
$mime['wis'] = "application/x-InstallShield";
$mime['wm'] = "video/x-ms-wm";
$mime['wma'] = "audio/x-ms-wma";
$mime['wmd'] = "application/x-ms-wmd";
$mime['wmf'] = "application/x-msmetafile";
$mime['wml'] = "text/vnd.wap.wml";
$mime['wmlc'] = "application/vnd.wap.wmlc";
$mime['wmls'] = "text/vnd.wap.wmlscript";
$mime['wmlsc'] = "application/vnd.wap.wmlscriptc";
$mime['wmlscript'] = "text/vnd.wap.wmlscript";
$mime['wmv'] = "audio/x-ms-wmv";
$mime['wmx'] = "video/x-ms-wmx";
$mime['wmz'] = "application/x-ms-wmz";
$mime['wpng'] = "image/x-up-wpng";
$mime['wpt'] = "x-lml/x-gps";
$mime['wri'] = "application/x-mswrite";
$mime['wrl'] = "x-world/x-vrml";
$mime['wrz'] = "x-world/x-vrml";
$mime['ws'] = "text/vnd.wap.wmlscript";
$mime['wsc'] = "application/vnd.wap.wmlscriptc";
$mime['wv'] = "video/wavelet";
$mime['wvx'] = "video/x-ms-wvx";
$mime['wxl'] = "application/x-wxl";
$mime['x-gzip'] = "application/x-gzip";
$mime['xar'] = "application/vnd.xara";
$mime['xbm'] = "image/x-xbitmap";
$mime['xdm'] = "application/x-xdma";
$mime['xdma'] = "application/x-xdma";
$mime['xdw'] = "application/vnd.fujixerox.docuworks";
$mime['xht'] = "application/xhtml+xml";
$mime['xhtm'] = "application/xhtml+xml";
$mime['xhtml'] = "application/xhtml+xml";
$mime['xla'] = "application/vnd.ms-excel";
$mime['xlc'] = "application/vnd.ms-excel";
$mime['xll'] = "application/x-excel";
$mime['xlm'] = "application/vnd.ms-excel";
$mime['xls'] = "application/vnd.ms-excel";
$mime['xlt'] = "application/vnd.ms-excel";
$mime['xlw'] = "application/vnd.ms-excel";
$mime['xm'] = "audio/x-mod";
$mime['xml'] = "text/xml";
$mime['xmz'] = "audio/x-mod";
$mime['xpi'] = "application/x-xpinstall";
$mime['xpm'] = "image/x-xpixmap";
$mime['xsit'] = "text/xml";
$mime['xsl'] = "text/xml";
$mime['xul'] = "text/xul";
$mime['xwd'] = "image/x-xwindowdump";
$mime['xyz'] = "chemical/x-pdb";
$mime['yz1'] = "application/x-yz1";
$mime['z'] = "application/x-compress";
$mime['zac'] = "application/x-zaurus-zac";
$mime['zip'] = "application/zip";
@header("Content-Type: ".$mime[$ft]);
$fp = @fopen($fn,"r");
print @fread($fp, @filesize($fn));
@fclose($fn);
#/sdff/sdfsdf/sfsgdh/sdfg/sdg.vjsd
?>
标签:输出文件
以下是用户评论查看全部评论