这是一个创建于 4556 天前的主题,其中的信息可能已经有所发展或是发生改变。
是Code4App的搜索功能,数据库用mongo,搜索用coreseek。
coreseek老是挂掉,需要重启coreseek才能用搜索
查看服务器日志,看到
[Sun May 13 16:00:55 2012] [error] [client 124.115.1.7] PHP Fatal error: Uncaught exception 'MongoException' with message 'non-utf8 string: 4\xb8\xf1' in ...(此处省略报错文件路径等)
[Sun May 20 05:30:33 2012] [error] [client 124.115.1.7] PHP Fatal error: Uncaught exception 'MongoException' with message 'non-utf8 string: 4\xb8\xf1' in ...
[Mon May 21 17:55:52 2012] [error] [client 124.115.1.7] PHP Fatal error: Uncaught exception 'MongoException' with message 'non-utf8 string: 4\xb8\xf1' in ...
[Tue May 22 12:51:35 2012] [error] [client 124.115.1.7] PHP Fatal error: Uncaught exception 'MongoException' with message 'non-utf8 string: 4\xb8\xf1' in ...
[Wed May 23 08:55:35 2012] [error] [client 124.115.1.7] PHP Fatal error: Uncaught exception 'MongoException' with message 'non-utf8 string: 4\xb8\xf1' in ...
[Thu May 24 17:00:46 2012] [error] [client 124.115.1.7] PHP Fatal error: Uncaught exception 'MongoException' with message 'non-utf8 string: 4\xb8\xf1' in ...
[Fri May 25 13:26:28 2012] [error] [client 124.115.1.7] PHP Fatal error: Uncaught exception 'MongoException' with message 'non-utf8 string: 4\xb8\xf1' in ...
我是特意把 IP为124.115.1.7的记录找出来的,感觉是不是这家伙发现我们网站的这个漏洞了,经常没事就玩我们一把
用的是CI框架,关键性的一段代码:
$word = $this->uri->segment(2,'');//获取搜索字符串,搜索我做了静态化,类似于:code4app.com/search/table,table就是查询词
$word = clean_hex($word);//过滤非utf8字符,这是出现这个问题之后加的,但貌似没起效果
$word = urldecode($word);//被urlencode,所以urldecode
$word = trim($word);//去掉前后空格
$id_list = ($word == '')?array():$this->searchengine->query($word);//调用coreseek搜索
以上代码是我自己写的,怕是错误可能来源于此,所以我每一句都注释了,告诉你我当初为什么这么写
clean_hex函数代码:
function clean_hex($input){
$clean = preg_replace("![\][xX]([A-Fa-f0-9]{1,3})!", "",$input);
//reject overly long 2 byte sequences, as well as characters above U+10000 and replace with ?
$clean = preg_replace('/[\x00-\x08\x10\x0B\x0C\x0E-\x19\x7F]'.
'|[\x00-\x7F][\x80-\xBF]+'.
'|([\xC0\xC1]|[\xF0-\xFF])[\x80-\xBF]*'.
'|[\xC2-\xDF]((?![\x80-\xBF])|[\x80-\xBF]{2,})'.
'|[\xE0-\xEF](([\x80-\xBF](?![\x80-\xBF]))|(?![\x80-\xBF]{2})|[\x80-\xBF]{3,})/S',
'', $clean );
//reject overly long 3 byte sequences and UTF-16 surrogates and replace with ?
$clean = preg_replace('/\xE0[\x80-\x9F][\x80-\xBF]'.
'|\xED[\xA0-\xBF][\x80-\xBF]/S','', $clean );
return $clean;
}
这个函数是网上找的
求指导,如何解决?
1 条回复 • 1970-01-01 08:00:00 +08:00
|
|
1
qiayue 2012-05-26 12:14:47 +08:00
求帮忙!!!!
|