Home  >  Article  >  Backend Development  >  Share several customized PHP functions

Share several customized PHP functions

PHP中文网
PHP中文网Original
2016-07-13 09:57:06710browse

这篇文章主要介绍了分享自定义的几个PHP功能函数,本文罗列的都是WEB开发中常用的一些功能函数,例如提交过滤、字符串截取、IP地址匿名化、隐藏文件真实路径等,需要的朋友可以参考下

最近不是在折腾论坛嘛,各种类各种函数,原创一些,从别人那儿qiang过来一些,在此分享出来,希望有朋友能用的到~

注意:部分函数可能不够完善,由此造成的漏洞风险自担~

提交过滤

function filter($text)
{
 //完全过滤注释
 $text = preg_replace(&#39;/<!--?.*-->/&#39;, &#39;&#39;, $text);
 //完全过滤js
 $text = preg_replace(&#39;/<script?.*\/script>/&#39;, &#39;&#39;, $text);
 //过滤危险的属性,如:过滤on事件lang js
 while (preg_match(&#39;/(<[^><]+)( lang|action|background|codebase|dynsrc|lowsrc)[^><]+/i&#39;, $text, $mat)) {
 $text = str_replace($mat[0], $mat[1], $text);
 }
 while (preg_match(&#39;/(<[^><]+)(window\.|javascript:|js:|about:|file:|document\.|vbs:|cookie)([^><]*)/i&#39;, $text, $mat)) {
 $text = str_replace($mat[0], $mat[1] . $mat[3], $text);
 }
 //过滤多余html
 $text = preg_replace(&#39;/<\/?(html|head|meta|link|base|basefont|body|bgsound|script|form|iframe|frame|frameset|applet|id|ilayer|layer|name|script|xml)[^><]*>/i&#39;, &#39;&#39;, $text);
 //反转换
 $text = str_replace(&#39;[&#39;, &#39;<&#39;, $text);
 $text = str_replace(&#39;]&#39;, &#39;>&#39;, $text);
 $text = str_replace(&#39;|&#39;, &#39;"&#39;, $text);
 return $text;
}

提交过滤2

function stripslashes_array(&$array)
{
 while (list($key, $var) = each($array)) {
 if ($key != &#39;argc&#39; && $key != &#39;argv&#39; && (strtoupper($key) != $key || &#39;&#39; . intval($key) == "$key")) {
 if (is_string($var)) {
 $array[$key] = stripslashes($var);
 }
 if (is_array($var)) {
 $array[$key] = stripslashes_array($var);
 }
 }
 }
 return $array;
}

字符串截取(这个是emlog里提出来的,其实也就是substr的增强版)

function subString($strings, $start, $length)
{
 if (function_exists(&#39;mb_substr&#39;) && function_exists(&#39;mb_strlen&#39;)) {
 $sub_str = mb_substr($strings, $start, $length, &#39;utf8&#39;);
 return mb_strlen($sub_str, &#39;utf8&#39;) < mb_strlen($strings, &#39;utf8&#39;) ? $sub_str . &#39;...&#39; : $sub_str;
 }
 $str = substr($strings, $start, $length);
 $char = 0;
 for ($i = 0; $i < strlen($str); $i++) {
 if (ord($str[$i]) >= 128)
 $char++;
 }
 $str2 = substr($strings, $start, $length + 1);
 $str3 = substr($strings, $start, $length + 2);
 if ($char % 3 == 1) {
 if ($length <= strlen($strings)) {
 $str3 = $str3 .= &#39;...&#39;;
 }
 return $str3;
 }
 if ($char % 3 == 2) {
 if ($length <= strlen($strings)) {
 $str2 = $str2 .= &#39;...&#39;;
 }
 return $str2;
 }
 if ($char % 3 == 0) {
 if ($length <= strlen($strings)) {
 $str = $str .= &#39;...&#39;;
 }
 return $str;
 }
}

IP地址匿名化(最后一位替换为星号)

function AnonymousIP() 
{
 $ip = GetIP();
 if ($ip == "Unknown") {
 $removed_ip = "未知用户";
 }
 if (strpos($ip, ":")) {
 $removed_ip = "IPv6用户";
 } else {
 $reg1 = &#39;/((?:\d+\.){3})\d+/&#39;;
 $reg2 = &#39;~(\d+)\.(\d+)\.(\d+)\.(\d+)~&#39;;
 $removed_ip = preg_replace($reg1, "\\1*", $ip);
 }
 return $removed_ip;
}

获取客户端IP地址

function GetIP()
{
 if (@$_SERVER["HTTP_X_FORWARDED_FOR"])
 $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
 else if (@$_SERVER["HTTP_CLIENT_IP"])
 $ip = $_SERVER["HTTP_CLIENT_IP"];
 else if (@$_SERVER["REMOTE_ADDR"])
 $ip = $_SERVER["REMOTE_ADDR"];
 else if (@getenv("HTTP_X_FORWARDED_FOR"))
 $ip = getenv("HTTP_X_FORWARDED_FOR");
 else if (@getenv("HTTP_CLIENT_IP"))
 $ip = getenv("HTTP_CLIENT_IP");
 else if (@getenv("REMOTE_ADDR"))
 $ip = getenv("REMOTE_ADDR");
 else
 $ip = "Unknown";
 return $ip;
}

字符串加密(支持中文)

function dencrypt($string, $isEncrypt = true, $key = "youdian")
{
 if (!isset($string{0}) || !isset($key{0})) {
 return false;
 }
 
 $dynKey = $isEncrypt ? hash(&#39;sha1&#39;, microtime(true)) : substr($string, 0, 40);
 $fixedKey = hash(&#39;sha1&#39;, $key);
 
 $dynKeyPart1 = substr($dynKey, 0, 20);
 $dynKeyPart2 = substr($dynKey, 20);
 $fixedKeyPart1 = substr($fixedKey, 0, 20);
 $fixedKeyPart2 = substr($fixedKey, 20);
 $key = hash(&#39;sha1&#39;, $dynKeyPart1 . $fixedKeyPart1 . $dynKeyPart2 . $fixedKeyPart2);
 
 $string = $isEncrypt ? $fixedKeyPart1 . $string . $dynKeyPart2 : (isset($string{339}) ? gzuncompress(base64_decode(substr($string, 40))) : base64_decode(substr($string, 40)));
 
 $n = 0;
 $result = &#39;&#39;;
 $len = strlen($string);
 
 for ($n = 0; $n < $len; $n++) {
 $result .= chr(ord($string{$n}) ^ ord($key{$n % 40}));
 }
 return $isEncrypt ? $dynKey . str_replace(&#39;=&#39;, &#39;&#39;, base64_encode($n > 299 ? gzcompress($result) : $result)) : substr($result, 20, -20);
}

检查字符串是否包含中文

function CheckChinese($string)
{
 if (preg_match("/[\x7f-\xff]/", $string)) {
 return true;
 } else {
 return false;
 }
}

隐藏文件真实路径

function FileHeaderJump($file)
{
 header(&#39;Content-Description: File Transfer&#39;);
 header(&#39;Content-Type: application/octet-stream&#39;);
 header(&#39;Content-Disposition: attachment; filename=&#39; . basename($file));
 header(&#39;Content-Transfer-Encoding: binary&#39;);
 header(&#39;Expires: 0&#39;);
 header(&#39;Cache-Control: must-revalidate, post-check=0, pre-check=0&#39;);
 header(&#39;Pragma: public&#39;);
 header(&#39;Content-Length: &#39; . filesize($file));
 ob_clean();
 flush();
 readfile($file);
 exit;
}

生成随机字符串,自定义长度

function CreateRandomString($length)
{
 $chars = &#39;abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789&#39;;
 $password = "";
 for ($i = 0; $i < $length; $i++) {
 $password .= $chars[mt_rand(0, strlen($chars) - 1)];
 }
 return $password;
}


Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn