PHP anti-injection security code_PHP tutorial

Brief description: /*************************
Instructions:
Judge whether the passed variable contains illegal characters
Such as $_POST, $_GET
Function: Anti-injection
*****************************/ 

Copy code The code is as follows:

//Illegal characters to be filtered
$ArrFiltrate=array("'",";","union");
//The url to be redirected after an error occurs, if not filled in Default previous page                                                                                                           $value){ 
if (eregi($value,$StrFiltrate)){ 
return true; 
} 
} 
return false; 🎜>/ /Merge $_POST and $_GET
if(function_exists(array_merge)){
$ArrPostAndGet=array_merge($HTTP_POST_VARS,$HTTP_GET_VARS); RS as $key= >$value){                                                    🎜> }                                                                                       🎜> echo "";
if (emptyempty($StrGoUrl)){
echo "";
}else{
echo "";                                                                                 🎜>Save as checkpostandget .php
Then add include("checkpostandget.php") in front of each php file; that's it


Method 2





Copy code

The code is as follows:

/* Filter all GET variables */ 
foreach ($_GET as $get_key=>$get_var) 
{ 
if (is_numeric($get_var)) { 
$get[strtolower($get_key)] = get_int($get_var); 
} else { 
$get[strtolower($get_key)] = get_str($get_var); 🎜>
/* Filter all POST variables */ 
foreach ($_POST as $post_key=>$post_var) 
{ 
if (is_numeric($post_var)) { 
$post[strtolower($post_key)] = get_int($post_var); 
} else { 
$post[strtolower($post_key)] = get_str($post_var); 🎜>
/* Filter function */ 
//Integer filter function 
function get_int($number) 
{ 
return intval($number); 
} 
//String filter function                                                                                           return $ string; 
}

 





http://www.bkjia.com/PHPjc/318902.html

www.bkjia.com

true

http: //www.bkjia.com/PHPjc/318902.html

TechArticle

Brief description: /*************************** Description: Determine whether the passed variables contain illegal characters such as $_POST, $_GET Function: Anti-injection****** ********************/ Copy the code The code is as follows...