PHP 防注入函数(格式化数据)
- WBOYOriginal
- 2016-06-06 20:38:20818browse
下面的函数通过格式化数据的方法实现数据的addslashes,不过也建议大家参考下discuz的防注入函数。
代码如下:
//格式化数据(防止注入)
function site_addslashes($string, $force = 0) {
!defined('MAGIC_QUOTES_GPC') && define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
if(!MAGIC_QUOTES_GPC || $force) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = daddslashes($val, $force);
}
} else {
$string = addslashes($string);
}
}
return $string;
}
?>
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:php中将时间差转换为字符串提示的实现代码Next article:php简单的会话类代码_php入门_脚本之家