php 防止sql注入代码

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Release： 2016-06-13 10:11:54

Original

808 people have browsed it

php教程防止sql注入代码

function inject_check($sql_str) { //防止注入
  $check = eregi('select|insert|update|delete|'|/*|*|../|./|union|into|load_file|outfile', $sql_str);
  if ($check) {
   echo "输入非法注入内容！";
   exit ();
  } else {
   return $sql_str;
  }
}
function checkurl() { //检查来路
  if (preg_replace("/https教程?://([^:/]+).*/i", "1", $_server['http_referer']) !== preg_replace("/([^:]+).*/", "1", $_server['http_host'])) {
   header("location: http://www.zhutiai.com");
   exit();
  }
}

//调用
checkurl();
$str = $_get['url'];
inject_check($sql_str);//这条可以在获取参数时执行操作

Related labels：

check function inject php s sql code Tutorial injection prevent

source：php.cn

Previous article：php获取表单数组的数据方法 Next article：php简单生成验证码

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn