Home > Article > Backend Development > PHP method to quickly find malicious code in the database_PHP tutorial
PHP method to quickly find malicious code in the database_PHP tutorial
- WBOYOriginal
- 2016-07-13 09:58:41946browse
How to quickly find malicious code in the database in php
This article describes an example of how to quickly find malicious code in the database in php. Share it with everyone for your reference. The details are as follows:
The database has been entered with malicious code. In order to ensure the security of your database, you must clean it carefully. With the following super convenient function, you can quickly remove malicious code from your database.
10 11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
function cleanInput($input) { $search = array( '@]*?>.*?@si', // Strip out javascript '@<[/!]*?[^<>]*?>@si', // Strip out HTML tags '@ ]*?>.*? @siU', // Strip style tags properly '@@' // Strip multi-line comments ); $output = preg_replace($search, '', $input); return $output; } function sanitize($input) { if (is_array($input)) { foreach($input as $var=>$val) { $output[$var] = sanitize($val); } } else { if (get_magic_quotes_gpc()) { $input = stripslashes($input); } $input = cleanInput($input); $output = mysql_real_escape_string($input); } return $output; } // Usage: $bad_string = "Hi! It's a good day!"; $good_string = sanitize($bad_string); // $good_string returns "Hi! It's a good day!" // Also use for getting POST/GET variables $_POST = sanitize($_POST); $_GET = sanitize($_GET); |