Copy code The code is as follows:
function jk1986_checksql()
{
$bad_str = "and|select|update| '|delete|insert|*";
$bad_Array = explode("|",$bad_str);
/**Filter Get parameters **/
foreach ($bad_Array as $bad_a)
{
foreach ($_GET as $g)
{
if (substr_count(strtolower($g),$bad_a) > 0)
{
echo "<script>alert ('Weird characters, please do not try to inject them into this site! Author: Jk1986 QQ:414028660'); location.href='index.php';</script>";
exit();
}
}
}
/**Filter Post parameters **/
foreach ($bad_Array as $bad_a)
{
foreach ($_POST as $p)
{
if (substr_count(strtolower($p),$bad_a) > 0)
{
echo "<script>alert('Weird characters, please do not try to inject them into this site! Author:Jk1986 QQ:414028660');location.href='index.php';</script>";
exit();
}
}
}
/**Filter Cookies Parameters **/
foreach ($bad_Array as $bad_a)
{
foreach ($_COOKIE as $co)
{
if (substr_count(strtolower ($co),$bad_a) > 0)
{
echo "<script>alert('Weird characters, please do not try to inject them into this site! Author: Jk1986 QQ:414028660'); location.href ='index.php';</script>";
exit();
}
}
}
}
Haha similar to asp and asp.net has the same idea, the purpose is to let laziness improve efficiency.88
http://www.bkjia.com/PHPjc/322907.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/322907.htmlTechArticleCopy the code The code is as follows: function jk1986_checksql() { $bad_str = "and|select|update|'|delete| insert|*"; $bad_Array = explode("|",$bad_str); /**Filter Get parameters **/ foreach ($bad_...
Statement:The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn