我正在為道德黑客創建一個網站,他們可以在其中搜索 Collections 1-5' 資料泄露的資料庫。我正在讓這個應用程式使用 URL 引數,為了使應用程式簡單,我只是將我不使用的引數留空 ex。username=&password=pass但我的問題是有時(因為它在此之前作業)回傳一個我無法弄清楚的隨機值。
例如,假設變數被呼叫var1,我做了一個 If 陳述句-確保它不為空,所以我這樣做
if var1 != "":
pass
但是有一些奇怪的值通過并且 if 陳述句仍在運行。
我試過的:
我嘗試向 if 陳述句添加多個值,這些值也可能是空白的,例如,
var1 != "" or var1 != None or var1 != " "
這是我與郵遞員一起使用的確切 URL,它會拋出一個500 500 INTERNAL SERVER ERROR
http://localhost:6969/search/shordan?ip=&port=&domain=&formated_domain=&asn=&isp=&orginization=&tag=&product=&city=i&country=u&email=&tel=
請注意,我只在第一個 if 回圈中添加了額外的or !=陳述句,用于測驗不起作用
這些是我的 if 陳述句
if ip != "" or ip != None or ip != " ":
IP = f"ip LIKE '%{ip}%' "
andCounter = 1
hasIP = True
else:
IP = ""
if port != "" or port != None:
Port = f"Port LIKE '%{port}%' "
andCounter = 1
hasPort = True
else:
Port = ""
if domain != "" or domain != None:
Domain = f"Domain LIKE '%{domain}%' "
andCounter = 1
hasDomain = True
else:
Domain = ""
if formatedDomain != "" or formatedDomain != None:
FormatedDomain = f"'FORMATED DOMAIN' LIKE '%{formatedDomain}%' "
andCounter = 1
hasFormatedDomain = True
else:
formatedDomain = ""
if asn != "" or asn != None:
print("asn: " asn)
Asn = f"asn LIKE '%{asn}%' "
andCounter = 1
hasAsn = True
else:
Asn = ""
if isp != "" or isp != None:
ISP = f"ISP LIKE '%{isp}%' "
andCounter = 1
hasISP = True
else:
ISP = ""
if orginization != "" or orginization != None:
Orginization = f"ORGANIZATION LIKE '%{orginization}%' "
andCounter = 1
hasOrginization = True
else:
Orginization = ""
if tag != "" or tag != None:
Tag = f"tags LIKE '%{tag}%' "
andCounter = 1
hasTag = True
else:
Tag = ""
if product != "" or product != None:
print("product: " product)
Product = f"product LIKE '%{product}%' "
andCounter = 1
hasProduct = True
else:
Product = ""
if city != "" or city != None:
print("city: " city)
City = f"city LIKE '%{city}%' "
andCounter = 1
hasCity = True
else:
City = ""
if country != "" or country != None:
Country = f"country LIKE '%{country}%' "
andCounter = 1
hasCountry = True
else:
Country = ""
if email != "" or email != None:
Email = f"email LIKE '%{email}%' "
andCounter = 1
hasEmail = True
else:
Email = ""
if tel != "" or tel != None:
Tel = f"tel LIKE '%{tel}%' "
andCounter = 1
hasTel = True
else:
Tel = ""
如果它有幫助,我讓 if 陳述句成為一個變數True,如果 if 陳述句運行,那么我列印了它,這些是結果
Has IP: True
has Port: True
Has Domain: True
Has Formated Domain: True
hasASN: False
hasISP: True
hasOrginization: True
hasTag: True
hasProduct: True
hasCity: True
hasCountry: True
hasEmail: True
hasTel: True
uj5u.com熱心網友回復:
我試圖通過以下方式驗證引數是否為空:
@app.route("/test",methods=["GET"])
def test():
emptyvalues = ["", "''", " ", "' '", None, '""', '" "']
data = request.args
if "ip" in data and data["ip"] not in emptyvalues:
hasIP = True
else:
hasIP = False
if "port" in data and data["port"] not in emptyvalues:
hasPort = True
else:
hasPort = False
print(hasIP, hasPort)
print(data)
return 'hello'
我用了
/test?ip=123&port=&domain=&formated_domain=&asn=&isp=&orginization=&tag=&product=&city=i&country=u&email=&tel=
結果
True
False
ImmutableMultiDict([('ip', '123'), ('port', ''), ('domain', ''), ('formated_domain', ''), ('asn', ''), ('isp', ''), ('orginization', ''), ('tag', ''), ('product', ''), ('city', 'i'), ('country', 'u'), ('email', ''), ('tel', '')])
您的代碼使用“或”而不是“和”,這就是無效輸入傳遞為 True 的原因
轉載請註明出處,本文鏈接:https://www.uj5u.com/houduan/459278.html