How the GM Interface Works

First of all, make sure the interface functions correctly. This is the normal pass-through test: pass the parameters as the interface document specifies and confirm that the correct results come back.

Now suppose there is an interface for operating on goods, with a field called type. When type is 1 it means modifying the goods, and the goods ID, name and price are all required. When type is 2 it means deleting the goods, and the goods ID is required. For an interface like this, test the combinations of parameters: for example, pass type 1 with only the product name and check whether the modification goes through, then pass ID, name and price and check that the modification succeeds.

1) Bypassing validation. For example, I buy a commodity priced at 300 yuan, and when I submit the order I change the price of the commodity to 3 yuan. Does the back end verify it? To be more ruthless, if I change the amount to -3, does my balance increase?

2) Bypassing identity authorization. For example, the interface for modifying commodity information must only let the seller make the change. If I pass an ordinary user, does the modification succeed? If I pass a different seller, does the modification succeed?

3) Whether the parameters are encrypted. For example, on a login interface, are the user name and password encrypted? If they are not, anyone who intercepts your request can get your information. Also check whether the encryption rules are easy to crack.

4) Password security rules: verification of password complexity.

Exception testing means that I deliberately do not follow the input parameters the interface document requires, in order to verify how the interface checks for abnormal input. For example: a required parameter is left empty; a string is passed where an integer type is expected; the length limit is 10 and I pass 11. In short, whatever you say to do, I do not do. In practice it comes down to these three kinds: required parameters, parameter type, and input parameter length.
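The checks described above (required parameters, type, length, price tampering and seller authorization), written as the server-side validation a tester would expect to find. This is an added example, not code from the original page; the field names, the 10-character name limit, the caller names and the in-memory GOODS catalogue are assumptions made for illustration.

```python
# Added example: server-side checks for the hypothetical goods interface.
# Field names, the 10-character name limit and the catalogue are assumptions.
from decimal import Decimal, InvalidOperation

# Constructed sample data: goods_id -> record
GOODS = {101: {"seller": "seller_a", "name": "teapot", "price": Decimal("300")}}
SELLERS = {"seller_a", "seller_b"}
REQUIRED = {1: ("id", "name", "price"), 2: ("id",)}  # type 1 = modify, 2 = delete
MAX_NAME_LEN = 10

def handle_goods(caller, params):
    """Return (ok, message); GOODS is changed only when every check passes."""
    op = params.get("type")
    if type(op) is not int or op not in REQUIRED:
        return False, "invalid type"
    missing = [f for f in REQUIRED[op] if params.get(f) in (None, "")]
    if missing:
        return False, "missing required: " + ",".join(missing)
    goods_id = params["id"]
    if type(goods_id) is not int:  # type() rejects str and bool alike
        return False, "id must be an integer"
    item = GOODS.get(goods_id)
    if item is None:
        return False, "no such goods"
    # Authorization: only the seller who owns the goods may change them.
    if caller not in SELLERS or item["seller"] != caller:
        return False, "forbidden"
    if op == 2:
        del GOODS[goods_id]
        return True, "deleted"
    name = params["name"]
    if not isinstance(name, str) or len(name) > MAX_NAME_LEN:
        return False, "invalid name"
    try:
        price = Decimal(str(params["price"]))
    except InvalidOperation:
        return False, "invalid price"
    if not price.is_finite() or price <= 0:  # rejects NaN, 0 and -3
        return False, "invalid price"
    item.update(name=name, price=price)
    return True, "modified"

def order_total(goods_id, quantity, client_price=None):
    """Price an order from the server-side record; client_price is ignored."""
    if type(quantity) is not int or quantity <= 0:
        raise ValueError("invalid quantity")
    return GOODS[goods_id]["price"] * quantity
```

Each negative case from the list above maps to one rejected call, so the same inputs serve as the tester's abnormal cases.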

The Common Gateway Interface (CGI) is a program that runs on the server and provides an interface to the client's HTML page. Put simply, CGI is like a bridge that connects the web page to the executable program on the web server: it passes the instructions received from the HTML page to the server, then returns the result of the server's execution to the HTML page. CGI can be used to implement form processing, database queries, sending email and many other operations; the most common CGI program is the counter. CGI makes the web page interactive rather than static.

Physically, CGI is a program that runs on the server and provides an interface to the client's HTML page. Put that way it is probably still hard to understand, so let's look at a practical example: most personal pages in 2013 have a guestbook. The guestbook works like this: first the user enters some information on the client, such as a name. Then the user presses "message" (up to this point the work is done on the client), and the browser transmits this information to a specific CGI program in the server's CGI directory, where the CGI program processes it on the server according to a predetermined method. In this case, the information submitted by the user is stored in a specified file. The CGI program then sends a message to the client saying that the requested task has ended. At this point the user sees the words "End of message" in the browser, and the whole process is over.

