php anti-injection_PHP tutorial

php anti-injection function php injection php injection tool php sql injection php manual injection Mingxiaozi php injection tool php injection tutorial php mysql injection php sql injection tool php prevent sql injection

/***************************
Description:
Determine whether the passed variable contains illegal characters
Such as $_POST, $_GET
Function:
Anti-injection
**************************/

//Illegal characters to be filtered
$ArrFiltrate=array("''''",";","union");
//The URL to jump to after an error occurs. If not filled in, the previous page will be defaulted
$StrGoUrl="";
//Whether there is a value in the array
function FunStringExist($StrFiltrate,$ArrFiltrate){
foreach ($ArrFiltrate as $key=>$value){
If (eregi($value,$StrFiltrate)){
        return true;
}
}
return false;
}

//Merge $_POST and $_GET
if(function_exists(array_merge)){
$ArrPostAndGet=array_merge($HTTP_POST_VARS,$HTTP_GET_VARS);
}else{
foreach($HTTP_POST_VARS as $key=>$value){
          $ArrPostAndGet[]=$value;
}
Foreach($HTTP_GET_VARS as $key=>$value){
          $ArrPostAndGet[]=$value;
}
}

//Verification starts
foreach($ArrPostAndGet as $key=>$value){
If (FunStringExist($value,$ArrFiltrate)){
echo "";
If (empty($StrGoUrl)){
echo "";
         }else{
echo "";
}
exit;
}
}
?>

Save as checkpostandget.php
Then add include("checkpostandget.php"); in front of each php file

http://www.bkjia.com/PHPjc/629761.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/629761.htmlTechArticlephp anti-injection function php injection php injection tool php sql injection php manual injection Ming boy php injection tool php injection tutorial php mysql injection php sql injection tool php prevent sql injection?php...