Home >php教程 >php手册 >PHP 防注入函数(格式化数据)

PHP 防注入函数(格式化数据)

WBOY
WBOYOriginal
2016-06-06 20:38:20833browse

下面的函数通过格式化数据的方法实现数据的addslashes,不过也建议大家参考下discuz的防注入函数。

代码如下:

//格式化数据(防止注入)
function site_addslashes($string, $force = 0) {
!defined('MAGIC_QUOTES_GPC') && define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
if(!MAGIC_QUOTES_GPC || $force) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = daddslashes($val, $force);
}
} else {
$string = addslashes($string);
}
}
return $string;
}
?>
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn