我遇到了一个非常奇怪的问题。我有一个应用程序在我当地的环境中运行得很好,最近在生产中运行得也很好。不过,现在在生产中,它在我的输入中添加了一个流氓反斜杠键。它在Input::all()
中显示,但在$_POST
中不显示。我正在使用以下代码进行调试。
routes.php
Route::post('/', function() {
return [
'$_FILES' => $_FILES,
'$_GET' => $_GET,
'$_POST' => $_POST,
'Input::all()' => Input::all()
];
});
响应
{
"$_FILES": [],
"$_GET": {
"''": ""
},
"$_POST": {
"start_date": "2015-02-17",
"end_date": "2015-02-23",
"name": "Test Data"
},
"Input::all()": {
"start_date": "2015-02-17",
"end_date": "2015-02-23",
"name": "Test Data",
"''": ""
}
}
其他详细信息
$_SERVER['REQUEST_URI']
返回一个类似/example/path
的路径,其中没有任何异常。
这似乎是一个与nginx相关的问题。我不知道为什么它突然出现,但我能够替换我的nginx主机文件中的以下块来解决这个问题。
损坏版本
location ~ '.php$ {
fastcgi_split_path_info ^(.+'.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
工作版本(从另一个配置中复制)
location ~ '.php$ {
# Security risk mitigation
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_read_timeout 360;
# added these from tmberg's recommedation (on freenode)
fastcgi_split_path_info ^(.+'.php)(/.+)$;
fastcgi_index index.php;
include fastcgi_params;
# connect to FPM on a unix socket
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME /www/mydomain.com/public$fastcgi_script_name;
# Added to allow for larger error headers to output
fastcgi_temp_file_write_size 10m;
fastcgi_busy_buffers_size 512k;
fastcgi_buffer_size 512k;
fastcgi_buffers 16 512k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_intercept_errors on;
fastcgi_next_upstream error invalid_header timeout http_500;
}