http://www.wechall.net/challenge/yourself_php/index.php/asdf
因为username被转义了,不能在这注入
但是_$SERVER['PHP_SELF']被直接输出,而且这道题的标题就暗示了要从这里入手
http://www.wechall.net/challenge/yourself_php/index.php/"><script>alert(1);</script>
但有个地方还是不太明白,/foo.php/bar被解析成/foo.php,是PHP的决定还是web server的?