服务器为肯定存在于正确目录中的资源提供 410 错误
Server giving 410 error for resource that definitely exists in the correct directory
我正在创建一个电子商务网站,我之前一直在使用 Magento,但现在改为使用自定义网站。
在这个站点上,我创建了一个名为 create_account.php 的页面,这在一段时间内还不错并且运行良好,但随后它开始抛出一个我以前从未见过的 410 错误。做了一些研究,可以看出这表明该文件确实存在但不再存在。
我认为很公平,也许 Magento 有一个同名文件并且它有这个文件被删除的记录,所以它停止读取我的文件,所以我会创建它的副本,给它起别的名字然后将该文件的所有引用更改为 account_create.php 的新名称,并在我的 .htaccess 文件中添加一行,以将可能要访问第一个文件的用户重定向到我的新文件,但我保留了原始文件服务器上的文件。
这在多个 computers/browsers/networks 等上工作了一段时间(我谈论的是几天而不是 hours/minutes),但随后发生了同样的事情。这次我认为它不可能是 Magento 遗留下来的东西或服务器仍有记录的其他东西,但如果上次修复有效,我会尝试一下,看看效果如何。
在一个月的 space 中,同一个文件已经发生了 6 次,有 6 个不同的文件名,它工作了几天,然后服务器说文件不见了。但是,所有 6 个文件仍在我服务器的主目录中。我有一个新名称的第 7 个版本,目前可以使用,但我不抱希望,我的 .htaccess 文件越来越荒谬。
RewriteRule ^create_account/?$ create.php [L,NC,QSA]
RewriteRule ^createaccount/?$ create.php [L,NC,QSA]
RewriteRule ^accountcreate/?$ create.php [L,NC,QSA]
RewriteRule ^account_create/?$ create.php [L,NC,QSA]
RewriteRule ^account_creation/?$ create.php [L,NC,QSA]
RewriteRule ^accountcreation/?$ create.php [L,NC,QSA]
我开始怀疑实际文件本身,尽管在 WAMP 上一切都在本地运行良好,并且在发生这种情况之前它在现场运行了一段时间。这是此文件的内容:
<?php
$active_country_id = $_SESSION["active_country_id"];
$active_country_name = $_SESSION["active_country_name"];
$active_country_code = $_SESSION["active_country_code"];
$active_country_currency = $_SESSION["active_country_currency"];
$active_country_vat = $_SESSION["active_country_vat"];
$active_country_braintree = $_SESSION["active_country_braintree"];
$message = "";
$first_name = "";
$last_name = "";
if(isset($_POST['company_name'])){$company = $_POST['company_name'];}else{$company = "";}
$email = "";
$phone = "";
$password1 = "";
$password2 = "";
$parsed = "";
if(isset($_GET['id']) && $_GET['id'] != ""){
$id = $_GET['id'];
$params = [$id];
$sql = "SELECT * FROM customers WHERE id=?";
$stmt = DB::run($sql,$params);
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
$first_name = $row["first_name"];
$last_name = $row["last_name"];
$email = $row["email"];
}
}
if (isset($_POST['first_name'])){
if (isset($_POST['first_name']) && $_POST['first_name']!=""){
$first_name = $_POST['first_name'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "First Name is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['last_name']) && $_POST['last_name']!=""){
$last_name = $_POST['last_name'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Surname is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['email']) && $_POST['email']!=""){
$email = $_POST['email'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Email is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['phone']) && $_POST['phone']!=""){
$phone = $_POST['phone'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Phone Number is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['password1']) && $_POST['password1']!=""){
$password1 = $_POST['password1'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Both password fields are required";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['password2']) || $_POST['password2']!=""){
$password2 = $_POST['password2'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Both password fields are required";
$message .= "</div>";
$parsed = "false";
}
if ($_POST['password1'] == $_POST['password2']){
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Password fields must match";
$message .= "</div>";
$parsed = "false";
}
if($parsed == "true")
{
$params = [$email];
$sql = "SELECT * FROM customers WHERE email=?";
$stmt = DB::run($sql,$params);
$customerCount = $stmt->rowCount();
if ($customerCount < 0) {
$message .= "<div id='warning'>";
$message .= "A customer with this email address already exists";
$message .= "</div>";
}else{
if(isset($_GET['id']) && $_GET['id'] != ""){
$customer_id = $_GET['id'];
$params1 = [$first_name,$last_name,$email,$password1,$company,$phone,$customer_id];
$sql1 = "UPDATE customers set first_name=?, last_name=?, email=?, password=?, last_log_date=now(), company=?, phone=? WHERE id=?";
$stmt1 = DB::run($sql1,$params1);
}else{
$params2 = [$first_name,$last_name,$email,$password1,$company,$phone];
var_dump($params2);
$sql2 = "INSERT INTO customers (first_name, last_name, email, password, last_log_date, company, phone) VALUES(?,?,?,?,now(),?,?)";
$stmt2 = DB::run($sql2,$params2);
$customer_id = DB::lastInsertId();
}
$to = $email;
$subject = "Your example.com account";
$message_header = file_get_contents("mail/email_header.php");
$message_content = file_get_contents("mail/account_created.php");
$message_content = str_replace('%first_name%', $first_name, $message_content);
$message_content = str_replace('%last_name%', $last_name, $message_content);
$message_content = str_replace('%email%', $email, $message_content);
$message_footer = file_get_contents("mail/email_footer.php");
$message_to_send = $message_header.$message_content.$message_footer;
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= "From: support@example.com" . "\r\n";
$headers .= "Reply-To: support@example.com" . "\r\n";
mail($to,$subject,$message_to_send,$headers);
$cookie_string = $customer_id.'%'.$first_name.'%'.$last_name;
$cipher = 'aes128';
$key = '*****';
$iv = '****************';
$encrypted_cookie_string = openssl_encrypt($cookie_string,$cipher,$key,$options=0,$iv);
setcookie("example_customer",$encrypted_cookie_string,time()+(60*60*24*30),"/");
header("location: create");
}
}
}
if(isset($_COOKIE["example_customer"])){
header("location: account");
exit();
}
?>
<!DOCTYPE html>
<html>
<head>
<?php include_once("analytics.php"); ?>
<?php include_once("base.php"); ?>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
<link rel="stylesheet" href="web/style.css" type="text/css" media="screen"/>
<link rel="shortcut icon" type="image/ico" href="web/favicon.ico"/>
<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
<script src="web/script.js"></script>
<title>
</title>
</head>
<body>
<div id="mainWrapper">
<div id="pageHeader">
<?php include_once("page_header.php"); ?>
</div>
<div id="pageContent">
<!--<div id="sidebar">
<?php include_once("page_sidebar.php"); ?>
</div>-->
<div id="mainContent">
<center>
<?php echo $message ?>
<form id="create_account_form" name="create_account_form" method="post" action="create">
<center><img src="web/example_logo_bg.png"></center>
<h2>Create Account</h2>
First Name:
<br />
<input name="first_name" type="text" id="first_name" size="40" placeholder="First Name">
<br /><br />
Surname:
<br />
<input name="last_name" type="text" id="last_name" size="40" placeholder="Last Name"/>
<br /><br />
Company Name:
<br />
<input name="company_name" type="text" id="company_name" size="40" placeholder="Company Name"/>
<br /><br />
Email:
<br />
<input name="email" type="text" id="email" size="40" placeholder="Email"/>
<br /><br />
Phone Number:
<br />
<input name="phone" type="text" id="phone" size="40" placeholder="Phone Number"/>
<br /><br />
Password:
<br />
<input name="password1" type="password" id="password1" size="40" placeholder="Password"/>
<br /><br />
Confirm Password:
<br />
<input name="password2" type="password" id="password2" size="40" placeholder="Password"/>
<br /><br />
<center>
<button name="create_account" id="create_account" onclick=this.form.submit();>Create Account</button>
</center>
</form>
</center>
</div>
</div>
</div>
</body>
</html>
我希望对 410 错误本身或可能导致此错误的原因有更多了解。
编辑
我的完整 .htaccess 文件:
Options -MultiViews
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^category/([0-9a-zA-Z-]+)/?$ category.php?id= [L,NC,QSA]
RewriteRule ^product/([0-9a-zA-Z-]+)/?$ product.php?id= [L,NC,QSA]
RewriteRule ^product/([0-9a-zA-Z-]+)/added?$ product.php?id=&added=added [L,NC,QSA]
RewriteRule ^page/([0-9a-zA-Z-]+)/?$ page.php?page_id= [L,NC,QSA]
RewriteRule ^order/([0-9a-zA-Z-]+)/?$ order.php?id= [L,NC,QSA]
RewriteRule ^create_account/?$ creation.php [L,NC,QSA]
RewriteRule ^createaccount/?$ creation.php [L,NC,QSA]
RewriteRule ^accountcreate/?$ creation.php [L,NC,QSA]
RewriteRule ^account_create/?$ creation.php [L,NC,QSA]
RewriteRule ^account_creation/?$ creation.php [L,NC,QSA]
RewriteRule ^accountcreation/?$ creation.php [L,NC,QSA]
RewriteRule ^create/?$ creation.php [L,NC,QSA]
RewriteRule ^([^\.]+)$ .php [L,NC,QSA]
如果可能的话,我想确认 php 文件是否正常,或者至少如果它有问题,它会抛出一个常见的 php 错误,而不是一个 http 响应说文件不存在了。
已通过联系我的共享域名托管服务商解决此问题。
虽然从技术上讲该文件没有任何问题并且按预期工作,但它被域名托管服务商标记为恶意文件。
我还在等着看他们是否可以提供更多信息来说明为什么这被视为恶意。
我正在创建一个电子商务网站,我之前一直在使用 Magento,但现在改为使用自定义网站。
在这个站点上,我创建了一个名为 create_account.php 的页面,这在一段时间内还不错并且运行良好,但随后它开始抛出一个我以前从未见过的 410 错误。做了一些研究,可以看出这表明该文件确实存在但不再存在。
我认为很公平,也许 Magento 有一个同名文件并且它有这个文件被删除的记录,所以它停止读取我的文件,所以我会创建它的副本,给它起别的名字然后将该文件的所有引用更改为 account_create.php 的新名称,并在我的 .htaccess 文件中添加一行,以将可能要访问第一个文件的用户重定向到我的新文件,但我保留了原始文件服务器上的文件。
这在多个 computers/browsers/networks 等上工作了一段时间(我谈论的是几天而不是 hours/minutes),但随后发生了同样的事情。这次我认为它不可能是 Magento 遗留下来的东西或服务器仍有记录的其他东西,但如果上次修复有效,我会尝试一下,看看效果如何。
在一个月的 space 中,同一个文件已经发生了 6 次,有 6 个不同的文件名,它工作了几天,然后服务器说文件不见了。但是,所有 6 个文件仍在我服务器的主目录中。我有一个新名称的第 7 个版本,目前可以使用,但我不抱希望,我的 .htaccess 文件越来越荒谬。
RewriteRule ^create_account/?$ create.php [L,NC,QSA]
RewriteRule ^createaccount/?$ create.php [L,NC,QSA]
RewriteRule ^accountcreate/?$ create.php [L,NC,QSA]
RewriteRule ^account_create/?$ create.php [L,NC,QSA]
RewriteRule ^account_creation/?$ create.php [L,NC,QSA]
RewriteRule ^accountcreation/?$ create.php [L,NC,QSA]
我开始怀疑实际文件本身,尽管在 WAMP 上一切都在本地运行良好,并且在发生这种情况之前它在现场运行了一段时间。这是此文件的内容:
<?php
$active_country_id = $_SESSION["active_country_id"];
$active_country_name = $_SESSION["active_country_name"];
$active_country_code = $_SESSION["active_country_code"];
$active_country_currency = $_SESSION["active_country_currency"];
$active_country_vat = $_SESSION["active_country_vat"];
$active_country_braintree = $_SESSION["active_country_braintree"];
$message = "";
$first_name = "";
$last_name = "";
if(isset($_POST['company_name'])){$company = $_POST['company_name'];}else{$company = "";}
$email = "";
$phone = "";
$password1 = "";
$password2 = "";
$parsed = "";
if(isset($_GET['id']) && $_GET['id'] != ""){
$id = $_GET['id'];
$params = [$id];
$sql = "SELECT * FROM customers WHERE id=?";
$stmt = DB::run($sql,$params);
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)){
$first_name = $row["first_name"];
$last_name = $row["last_name"];
$email = $row["email"];
}
}
if (isset($_POST['first_name'])){
if (isset($_POST['first_name']) && $_POST['first_name']!=""){
$first_name = $_POST['first_name'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "First Name is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['last_name']) && $_POST['last_name']!=""){
$last_name = $_POST['last_name'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Surname is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['email']) && $_POST['email']!=""){
$email = $_POST['email'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Email is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['phone']) && $_POST['phone']!=""){
$phone = $_POST['phone'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Phone Number is a required field";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['password1']) && $_POST['password1']!=""){
$password1 = $_POST['password1'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Both password fields are required";
$message .= "</div>";
$parsed = "false";
}
if (isset($_POST['password2']) || $_POST['password2']!=""){
$password2 = $_POST['password2'];
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Both password fields are required";
$message .= "</div>";
$parsed = "false";
}
if ($_POST['password1'] == $_POST['password2']){
$parsed = "true";
}else{
$message .= "<div id='warning'>";
$message .= "Password fields must match";
$message .= "</div>";
$parsed = "false";
}
if($parsed == "true")
{
$params = [$email];
$sql = "SELECT * FROM customers WHERE email=?";
$stmt = DB::run($sql,$params);
$customerCount = $stmt->rowCount();
if ($customerCount < 0) {
$message .= "<div id='warning'>";
$message .= "A customer with this email address already exists";
$message .= "</div>";
}else{
if(isset($_GET['id']) && $_GET['id'] != ""){
$customer_id = $_GET['id'];
$params1 = [$first_name,$last_name,$email,$password1,$company,$phone,$customer_id];
$sql1 = "UPDATE customers set first_name=?, last_name=?, email=?, password=?, last_log_date=now(), company=?, phone=? WHERE id=?";
$stmt1 = DB::run($sql1,$params1);
}else{
$params2 = [$first_name,$last_name,$email,$password1,$company,$phone];
var_dump($params2);
$sql2 = "INSERT INTO customers (first_name, last_name, email, password, last_log_date, company, phone) VALUES(?,?,?,?,now(),?,?)";
$stmt2 = DB::run($sql2,$params2);
$customer_id = DB::lastInsertId();
}
$to = $email;
$subject = "Your example.com account";
$message_header = file_get_contents("mail/email_header.php");
$message_content = file_get_contents("mail/account_created.php");
$message_content = str_replace('%first_name%', $first_name, $message_content);
$message_content = str_replace('%last_name%', $last_name, $message_content);
$message_content = str_replace('%email%', $email, $message_content);
$message_footer = file_get_contents("mail/email_footer.php");
$message_to_send = $message_header.$message_content.$message_footer;
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= "From: support@example.com" . "\r\n";
$headers .= "Reply-To: support@example.com" . "\r\n";
mail($to,$subject,$message_to_send,$headers);
$cookie_string = $customer_id.'%'.$first_name.'%'.$last_name;
$cipher = 'aes128';
$key = '*****';
$iv = '****************';
$encrypted_cookie_string = openssl_encrypt($cookie_string,$cipher,$key,$options=0,$iv);
setcookie("example_customer",$encrypted_cookie_string,time()+(60*60*24*30),"/");
header("location: create");
}
}
}
if(isset($_COOKIE["example_customer"])){
header("location: account");
exit();
}
?>
<!DOCTYPE html>
<html>
<head>
<?php include_once("analytics.php"); ?>
<?php include_once("base.php"); ?>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
<link rel="stylesheet" href="web/style.css" type="text/css" media="screen"/>
<link rel="shortcut icon" type="image/ico" href="web/favicon.ico"/>
<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
<script src="web/script.js"></script>
<title>
</title>
</head>
<body>
<div id="mainWrapper">
<div id="pageHeader">
<?php include_once("page_header.php"); ?>
</div>
<div id="pageContent">
<!--<div id="sidebar">
<?php include_once("page_sidebar.php"); ?>
</div>-->
<div id="mainContent">
<center>
<?php echo $message ?>
<form id="create_account_form" name="create_account_form" method="post" action="create">
<center><img src="web/example_logo_bg.png"></center>
<h2>Create Account</h2>
First Name:
<br />
<input name="first_name" type="text" id="first_name" size="40" placeholder="First Name">
<br /><br />
Surname:
<br />
<input name="last_name" type="text" id="last_name" size="40" placeholder="Last Name"/>
<br /><br />
Company Name:
<br />
<input name="company_name" type="text" id="company_name" size="40" placeholder="Company Name"/>
<br /><br />
Email:
<br />
<input name="email" type="text" id="email" size="40" placeholder="Email"/>
<br /><br />
Phone Number:
<br />
<input name="phone" type="text" id="phone" size="40" placeholder="Phone Number"/>
<br /><br />
Password:
<br />
<input name="password1" type="password" id="password1" size="40" placeholder="Password"/>
<br /><br />
Confirm Password:
<br />
<input name="password2" type="password" id="password2" size="40" placeholder="Password"/>
<br /><br />
<center>
<button name="create_account" id="create_account" onclick=this.form.submit();>Create Account</button>
</center>
</form>
</center>
</div>
</div>
</div>
</body>
</html>
我希望对 410 错误本身或可能导致此错误的原因有更多了解。
编辑
我的完整 .htaccess 文件:
Options -MultiViews
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^category/([0-9a-zA-Z-]+)/?$ category.php?id= [L,NC,QSA]
RewriteRule ^product/([0-9a-zA-Z-]+)/?$ product.php?id= [L,NC,QSA]
RewriteRule ^product/([0-9a-zA-Z-]+)/added?$ product.php?id=&added=added [L,NC,QSA]
RewriteRule ^page/([0-9a-zA-Z-]+)/?$ page.php?page_id= [L,NC,QSA]
RewriteRule ^order/([0-9a-zA-Z-]+)/?$ order.php?id= [L,NC,QSA]
RewriteRule ^create_account/?$ creation.php [L,NC,QSA]
RewriteRule ^createaccount/?$ creation.php [L,NC,QSA]
RewriteRule ^accountcreate/?$ creation.php [L,NC,QSA]
RewriteRule ^account_create/?$ creation.php [L,NC,QSA]
RewriteRule ^account_creation/?$ creation.php [L,NC,QSA]
RewriteRule ^accountcreation/?$ creation.php [L,NC,QSA]
RewriteRule ^create/?$ creation.php [L,NC,QSA]
RewriteRule ^([^\.]+)$ .php [L,NC,QSA]
如果可能的话,我想确认 php 文件是否正常,或者至少如果它有问题,它会抛出一个常见的 php 错误,而不是一个 http 响应说文件不存在了。
已通过联系我的共享域名托管服务商解决此问题。
虽然从技术上讲该文件没有任何问题并且按预期工作,但它被域名托管服务商标记为恶意文件。
我还在等着看他们是否可以提供更多信息来说明为什么这被视为恶意。