php 防注入与字符反过滤代码-php手册-php.cn

Home

php教程

php手册

php 防注入与字符反过滤代码

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 13, 2016 am 10:11 AM

phpsqlandforcodecharacterDevelopersupplyinjectionfilter

好了为php开发者提供了一款php sql 防注入与字符过滤以及各种过滤代码哦。

//==防注入自动过滤[启用后程序效率低]==========================================================================================
/*
function inject_checks($sql_str){return eregi('select|insert|update|delete|'|/*|*|../|./|union|into|load_file|outfile', $sql_str);}
foreach ($_REQUEST as $value){if (inject_checks($value)){echo "";exit;}}
*/
//==防注[inject_check($sql_str)]==========================================================================================
function inject_check($sql_str){
if (eregi('select|insert|update|delete|union|into|load_file|outfile', $sql_str)){echo "";exit;}
return $sql_str;
}
//==字符过滤[safe_convert($string)]==============================================================================
function safe_convert($string){ //Words Filter
if(get_magic_quotes_gpc()){ //转义字符加上反斜线
        $string=htmlspecialchars($string, ENT_QUOTES); //将特殊字元转成HTML字串格式如 "&"转成"&"
        $string=str_replace("         $string=str_replace("\", '\', $string); //替换
    } else {
        $string=addslashes($string); //转义字符加上反斜线 //$string=stripslashes($string); //去掉反斜线
        $string=str_replace("\\", '\', $string);
    }
    //$string=str_replace("r","
",$string); //换行
    //$string=str_replace("n","",$string); //空格
    $string=str_replace("t","  ",$string); //空格
    $string=str_replace(" "," ",$string); //空格
    //$string=str_replace('|', '|', $string); //替换同分类系统有冲突
    $string=str_replace("`","`",$string); //替换
    $string=str_replace("\","\",$string); //替换
    return $string;
}
//==字符反过滤[unsafe_convert($string)]==============================================================================
function unsafe_convert($string){ //Words Filter
    $string=str_replace("\"",""",$string); //替换
    return $string;
}

//==字符过滤[filter($string)]============================================================================================
function filter($string){ //Words Filter
include("Filter.php");//词汇过滤列表
foreach($badwords as $badword){
if(stristr($string,$badword)==true){echo "";exit;}
}
return $string;
}

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

1 months agoBy尊渡假赌尊渡假赌尊渡假赌

R.E.P.O. Best Graphic Settings

4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Assassin's Creed Shadows: Seashell Riddle Solution

2 weeks agoByDDD

R.E.P.O. How to Fix Audio if You Can't Hear Anyone

1 months agoBy尊渡假赌尊渡假赌尊渡假赌

R.E.P.O. Chat Commands and How to Use Them

1 months agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

ZendStudio 13.5.1 Mac

Powerful PHP integrated development environment

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software