Home > Article > Backend Development > PHP prevents SQL injection code_PHP tutorial
PHP prevents SQL injection code_PHP tutorial
- WBOYOriginal
- 2016-07-13 17:09:45948browse
php tutorial to prevent sql injection code
*/
function inject_check($sql_str) { //Prevent injection
$check = eregi('select|insert|update|delete|'|/*|*|../|./|union|into|load_file|outfile', $sql_str);
if ($check) {
echo "Enter illegal injection content!";
exit ();
} else {
Return $sql_str;
}
}
function checkurl() { //Check the source
if (preg_replace("/httpstutorial?://([^:/]+).*/i", "1", $_server['http_referer']) !== preg_replace("/([^:] +).*/", "1", $_server['http_host'])) {
Header("location: http://www.zhutiai.com");
exit();
}
}
//Call
checkurl();
$str = $_get['url'];
inject_check($sql_str);//This can be performed when getting parameters
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:PHP anti-sql injection filtering code_PHP tutorialNext article:PHP anti-sql injection filtering code_PHP tutorial