0
我使用下面的代碼來傳遞和嵌入一個Flash文件,我使用getimagesize來獲取swf的寬度和高度,但它似乎不喜歡列表部分......任何人都知道我哪裏錯了?PHP:意外的T_LIST
<?php include($_SERVER['DOCUMENT_ROOT']."/header.php"); ?>
<h1><?php print($_GET['tag']); ?> <a href="#rl">(Related files)</a></h1>
<hr />
<div align="center">
<?php
$project = $_GET['project'];
$file = $_GET['file'];
$tag = $_GET['tag']
list($width, $height, $type, $attr) = getimagesize("files/".$project."/".$file.".swf");
print('<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="'.$width.'" height="'.$height.'" id="FlashID" title="'.$tag.'">');
print('<param name="movie" value="files/'.$project.'/'.$file.'.swf" />');
print('<param name="quality" value="high" />');
print('<param name="wmode" value="opaque" />');
print('<param name="swfversion" value="6.0.65.0" />');
print('<param name="expressinstall" value="/Scripts/expressInstall.swf" />');
?>
<!--[if !IE]>-->
<?php print('<object type="application/x-shockwave-flash" data="files/'.$project.'/'.$file.'.swf" width="'.$width.'" height="'.$height.'">') ?>
<!--<![endif]-->
<param name="quality" value="high" />
<param name="wmode" value="opaque" />
<param name="swfversion" value="6.0.65.0" />
<param name="expressinstall" value="/Scripts/expressInstall.swf" />
<!-- The browser displays the following alternative content for users with Flash Player 6.0 and older. -->
<div>
<h4>Content on this page requires a newer version of Adobe Flash Player.</h4>
<p><a href="http://www.adobe.com/go/getflashplayer"><img src="http://www.adobe.com/images/shared/download_buttons/get_flash_player.gif" alt="Get Adobe Flash player" /></a></p>
</div>
<?php include($_SERVER['DOCUMENT_ROOT']."/footer.php"); ?>
<!--[if !IE]>-->
</object>
<!--<![endif]-->
</object>
<script type="text/javascript">
<!--
swfobject.registerObject("FlashID");
//-->
首先,我覺得你有點兒擔心你將GET參數直接插入文件路徑。這是危險的業務。 – 2011-05-27 08:23:16
他們已經爲另一頁上的網址準備好了。 – 2011-05-27 08:25:07
但是你無法控制哪些參數用於調用此頁面。永遠不要相信任何可以由用戶修改的輸入。 – 2011-05-27 08:26:08