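<?php
/*
 * Keyword-blacklist request filters.
 *
 * Both filters reject a value when it contains any listed token as a
 * case-insensitive substring. A blacklist like this is at best a secondary
 * control: it also rejects ordinary text containing words such as "update",
 * "select" or "title", and it cannot be shown to be complete. The primary
 * defences remain parameterized queries (PDO / mysqli prepared statements)
 * against SQL injection, and context-aware output encoding (for example
 * htmlspecialchars()) against cross-site scripting.
 *
 * The listing as published was damaged by extraction: the backslash escapes
 * in the first pattern were lost (leaving an unterminated string literal) and
 * several tokens in the second pattern were split by line wrapping. The token
 * lists below are a reconstruction of the apparent intent; confirm them
 * against the original source. eregi() was removed in PHP 7, so matching is
 * done with stripos() on literal tokens, which also avoids regex escaping.
 */

/**
 * Report whether $value contains any of $needles, ignoring case.
 *
 * @param mixed $value   Request value to inspect.
 * @param array $needles Literal tokens to search for.
 * @return bool True when a token is found, or when $value is not a scalar.
 */
function inject_contains_any($value, array $needles)
{
    if ($value === null) {
        $value = '';
    }
    // Fail closed: an array-valued request parameter cannot be scanned as
    // text, so it is treated as a match rather than passed through unchecked.
    if (!is_scalar($value)) {
        return true;
    }
    $text = (string) $value;
    foreach ($needles as $needle) {
        if (stripos($text, $needle) !== false) {
            return true;
        }
    }
    return false;
}

/**
 * SQL-injection keyword filter.
 *
 * Redirects to the sitemap page and terminates the request when $sql_str
 * contains a blacklisted token; otherwise returns $sql_str unchanged.
 * The returned value is NOT escaped and must still be bound as a query
 * parameter rather than concatenated into SQL.
 *
 * @param mixed $sql_str Value taken from the request.
 * @return mixed The unmodified input when no token matched.
 */
function inject_check($sql_str)
{
    $blocked = array(
        'select', 'insert', 'update', 'delete',
        '*', '/*', "'", '../', './',
        'union', 'into', 'load_file', 'outfile',
    );

    if (inject_contains_any($sql_str, $blocked)) {
        // NOTE(review): HTTP_HOST is taken from the client's Host header, so
        // the redirect target is client-influenced. Prefer a configured host
        // name or a relative path, depending on what page_href() accepts.
        page_href("http://".$_SERVER['HTTP_HOST']."/home/sitemap.php");
        exit();
    }

    return $sql_str;
}

/**
 * Cross-site-scripting keyword filter.
 *
 * Redirects to the sitemap page and terminates the request when $sql_str
 * contains a blacklisted tag name, scheme or event-handler attribute name.
 * Returns nothing when the value passes (the original had its return
 * statement commented out), so callers must keep using their own copy of
 * the value and must still encode it when writing it into HTML.
 *
 * @param mixed $sql_str Value taken from the request.
 * @return void
 */
function inject_check2($sql_str)
{
    $blocked = array(
        // Script schemes, CSS expression() and markup element names.
        'javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml',
        'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe',
        'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base',
        // Event-handler attribute names.
        'onabort', 'onactivate', 'onafterprint', 'onafterupdate',
        'onbeforeactivate', 'onbeforecopy', 'onbeforecut',
        'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste',
        'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur',
        'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu',
        'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable',
        'ondatasetchanged', 'ondatasetcomplete', 'ondblclick',
        'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave',
        'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate',
        'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout',
        'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete',
        'onload', 'onlosecapture', 'onmousedown', 'onmouseenter',
        'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover',
        'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart',
        'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset',
        'onresize', 'onresizeend', 'onresizestart', 'onrowenter',
        'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll',
        'onselect', 'onselectionchange', 'onselectstart', 'onstart',
        'onstop', 'onsubmit', 'onunload',
    );

    if (inject_contains_any($sql_str, $blocked)) {
        // NOTE(review): same client-controlled Host header concern as in
        // inject_check(); prefer a fixed host or a relative path.
        page_href("http://".$_SERVER['HTTP_HOST']."/home/sitemap.php");
        exit();
    }
}
//by bbs.it-home.org
?>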