效果如图
伪造的文件：1.php
查看效果的脚本2.php
function getclientip() {
    if (!empty($_server[http_client_ip]))
        $ip = $_server[http_client_ip];
    else if (!empty($_server[http_x_forwarded_for]))
        $ip = $_server[http_x_forwarded_for];
    else if (!empty($_server[remote_addr]))
        $ip = $_server[remote_addr];
    else
        $ip = err;
    return $ip;
}
echo ip: . getclientip() . ;
echo referer: . $_server[http_referer];
摘自 www.xssxss.com/fuck/519.xss
http://www.bkjia.com/phpjc/478468.htmlwww.bkjia.comtruehttp://www.bkjia.com/phpjc/478468.htmltecharticle效果如图 伪造的文件：1.php ?php $ch = curl_init(); curl_setopt($ch, curlopt_url, http://localhost/2.php); curl_setopt($ch, curlopt_httpheader, array(x-forwarded-for:8.8.8...