Home > Article > Backend Development > PHP prevents sql injection code example_PHP tutorial
PHP prevents sql injection code example_PHP tutorial
- WBOYOriginal
- 2016-07-13 17:18:07682browse
Put it into a common call file (such as the conn database link file) and filter all GET or POST data with special strings to achieve simple and effective SQL injection filtering
Copy code The code is as follows:
Function inject_check($sql_str) {
return eregi('select|insert| and|or|update|delete|'|/*|*|../|./|union|into|load_file|outfile', $sql_str);
}
if (inject_check($_SERVER[' QUERY_STRING'])==1 or inject_check(file_get_contents("php://input"))==1){
//echo "Warning illegal access!";
header("Location: Error.php ");
}
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:PHP specifies the default value of function parameter sample code_PHP tutorialNext article:PHP specifies the default value of function parameter sample code_PHP tutorial