php防止sql注入之过滤分页参数

我们会听过这一种句话，在网络上不要相信任何输入信息，我们都必须进行参数过滤，下面我就来介绍过滤分页参数吧，有需要的朋友可参考。

实例

代码如下

复制代码

$this->load->library ( 'pagination' ); $config ['base_url'] = site_url () . '/guest/show'; $config ['total_rows'] = $c; $config ['per_page'] = $pernum = 15; $config ['uri_segment'] = 3; $config ['use_page_numbers'] = TRUE; $config ['first_link'] = '第一页'; $config ['last_link'] = '最后一页'; $config ['num_links'] = 5; $this->pagination->initialize ( $config ); if (! $this->uri->segment ( 3 )) {     $currentnum = 0; } else {     $currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum:0; }   $current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1; if($current_page){     $data ['title'] = '第'.$current_page.'页-留言本-大冶实验高中首届宏志班网站'; } else{     $data ['title'] = '留言本-大冶实验高中首届宏志班网站'; }   $data ['liuyan'] = $this->ly->getLy ( $pernum, $currentnum );

其中：

代码如下	复制代码
$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1; $currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum;

这两句判断了参数是否为数字。防止非法字符输入。