php判断xss攻击

PHP中文网Original: 2016-05-25 17:07:321667browse

//判断是否是xss攻击
 
function _xss_check() {
  //urldecode解码已编码的URL 字符串
  //解码 过后的url串
  $temp = strtoupper(urldecode(urldecode($_SERVER[&#39;REQUEST_URI&#39;])));
 
  if(strpos($temp, &#39;<&#39;) !== false || strpos($temp, &#39;"&#39;) !== false || strpos($temp, &#39;CONTENT-TRANSFER-ENCODING&#39;) !== false) {
    die(&#39;报告：xss攻击&#39;);
     }
  return true;
}

Statement：

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Previous article：PHP 动态网站变静态缓存加快网站访问速度Next article：php版子网掩码计算器

See more

phpmystudy2016 version package download-let the world have no difficult php environment
php获取mysql数据库版本号 mysql_get_server_info
php验证身份证号码正确性的函数
PHP implements uploading files without page refresh
淘宝开放API根据卖家昵称获取卖家店铺ID

php判断xss攻击

Related articles