PHP 安全检测代码片段(分享)-php手册-php.cn

Home

php教程

php手册

PHP 安全检测代码片段(分享)

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 06, 2016 pm 08:28 PM

phpSecurity testing

本篇文章是对PHP安全检测代码的片段进行了详细的分析介绍，需要的朋友参考下

复制代码代码如下:

/**
* html转换输出（只转义' " 保留Html正常运行)
* @param $param
* @return string
*/
function htmlEscape($param) {
 return trim(htmlspecialchars($param, ENT_QUOTES));
}

/**
* 是否数组（同时检测数组中是否存在值）
* @param $params
* @return boolean
*/
function isArray($params) {
 return (!is_array($params) || !count($params)) ? false : true;
}

/**
* 变量是否在数组中存在（参数容错，香港虚拟主机，香港虚拟主机，香港虚拟主机，字符串是否存在于数组中)
* @param $param
* @param $params
* @return boolean
*/
function inArray($param, $params) {
 return (!in_array((string)$param, (array)$params)) ? false : true;
}

/**
* 通用多类型混合转义函数
* @param $var
* @param $strip
* @param $isArray
* @return mixture
*/
function sqlEscape($var, $strip = true, $isArray = false) {
 if (is_array($var)) {
 if (!$isArray) return " '' ";
 foreach ($var as $key => $value) {
 $var[$key] = trim(S::sqlEscape($value, $strip));
 }
 return $var;
 } elseif (is_numeric($var)) {
 return " '" . $var . "' ";
 } else {
 return " '" . addslashes($strip ? stripslashes($var) : $var) . "' ";
 }
}

 /**
 * 获取服务器变量
 * @param $keys
 * @return string
 */
 function getServer($keys) {
 $server = array();
 $array = (array) $keys;
 foreach ($array as $key) {
 $server[$key] = NULL;
 if (isset($_SERVER[$key])) {
 $server[$key] = str_replace(array('','"',"'",'%3C','%3E','%22','%27','%3c','%3e'), '', $_SERVER[$key]);
 }
 }
 return is_array($keys) ? $server : $server[$keys];
 }

 /**
 * 变量转义
 * @param $array
 */
 function slashes(&$array) {
 if (is_array($array)) {
 foreach ($array as $key => $value) {
 if (is_array($value)) {
 S::slashes($array[$key]);
 } else {
 $array[$key] = addslashes($value);
 }
 }
 }
 }

 /**
 * 目录转换
 * @param unknown_type $dir
 * @return string
 */
 function escapeDir($dir) {
 $dir = str_replace(array("'",'#','=','`','$','%','&',';'), '', $dir);
 return rtrim(preg_replace('/(\/){2,}|(\\\){1,}/', '/', $dir), '/');
 }
 /**
 * 通用多类型转换
 * @param $mixed
 * @param $isint
 * @param $istrim
 * @return mixture
 */
 function escapeChar($mixed, $isint = false, $istrim = false) {
 if (is_array($mixed)) {
 foreach ($mixed as $key => $value) {
 $mixed[$key] = S::escapeChar($value, $isint, $istrim);
 }
 } elseif ($isint) {
 $mixed = (int) $mixed;
 } elseif (!is_numeric($mixed) && ($istrim ? $mixed = trim($mixed) : $mixed) && $mixed) {
 $mixed = S::escapeStr($mixed);
 }
 return $mixed;
 }
 /**
 * 字符转换
 * @param $string
 * @return string
 */
 function escapeStr($string) {
 $string = str_replace(array("\0","%00","\r"), '', $string); //modified@2010-7-5
 $string = preg_replace(array('/[\\x00-\\x08\\x0B\\x0C\\x0E-\\x1F]/','/&(?!(#[0-9]+|[a-z]+);)/is'), array('', '&'), $string);
 $string = str_replace(array("%3C",' $string = str_replace(array("%3E",'>'), '>', $string);
 $string = str_replace(array('"',"'","\t",' '), array('"',''',' ',' '), $string);
 return $string;
 }
 /**
 * 变量检查
 * @param $var
 */
 function checkVar(&$var) {
 if (is_array($var)) {
 foreach ($var as $key => $value) {
 S::checkVar($var[$key]);
 }
 } elseif (P_W != 'admincp') {
 $var = str_replace(array('..',')',' } elseif (str_replace(array(' global $basename; $basename = 'javascript:history.go(-1);'; adminmsg('word_error'); } }

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks agoByDDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks agoByDDD

Where to find the Crane Control Keycard in Atomfall

3 weeks agoByDDD

Assassin's Creed Shadows - How To Find The Blacksmith And Unlock Weapon And Armour Customisation

4 weeks agoByDDD

Roblox: Dead Rails - How To Complete Every Challenge

3 weeks agoByDDD

Hot Tools

MantisBT

Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

PhpStorm Mac version

The latest (2018.2.1) professional PHP integrated development tool

Atom editor mac version download

The most popular open source editor

Hot Topics

Where is the login entrance for gmail email?

7588

CakePHP Tutorial

1386

What is the format of the account name of steam

win11 activation key permanent

nyt connections hints and answers

123