Haha, I have posted a paragraph before, here is another paragraph. The company believes that these two codes in this project are very good and can prevent all code attacks, so I will publish them here. Please break it, please hurry up and break it.
- function gjj($str)
- {
- $farr = array(
- "/\s+/",
- "/<(\/?)(script|i?frame|style|html|body|title |link|meta|object|\?|\%)([^>]*?)>/isU",
- "/(<[^>]*)on[a-zA-Z]+ s*=([^>]*>)/isU",
- );
- $str = preg_replace($farr,"",$str);
- return addslashes($str);
- }
-
- function hg_input_bb ($array)
- {
- if (is_array($array))
- {
- foreach($array AS $k => $v)
- {
- $array[$k] = hg_input_bb($v);
- }
- }
- else
- {
- $array = gjj($array);
- }
- return $array;
- }
- $_REQUEST = hg_input_bb($_REQUEST);
- $_GET = hg_input_bb($_GET);
- $_POST = hg_input_bb( $_POST);
Copy code
|