PHP对特殊字符进行安全过滤的方法与代码示例
- function CheckHacks($checkinfo,$action){ //action 0 直接退出并提示,1只替换掉危险词
-
- $badwords=array("<",">","'","&");
-
- for ($i=0;$i
-
- if (strpos($checkinfo,$badwords[$i])!=false){
-
- if ($action=="0"){
- echo "系统检测到有禁止的特殊字符:".$badwords[$i];
- exit;
- break;
- }elseif ($action=="1"){
- $checkinfo=str_replace($badwords[$i],"",$checkinfo);
- }
- }
-
- }
-
- if ($action=="1"){
- echo $checkinfo;
- }
- }
-
-
- //*********************调用函数*******************************
- $usersql="my have still & < is_numberic";
- CheckHacks($usersql,0);
- //***********************************************************
-
- ?>
|
