Community Learn Tools Library Leisure
search
English
Home > Backend Development > PHP Tutorial > body text

PHP防流入求教

WBOY
Release: 2016-06-13 12:42:47
Original
817 people have browsed it

PHP防注入求教?

本帖最后由 u010572351 于 2013-06-27 21:10:49 编辑 目前我知道的sql攻击是填入了大量的 '%这样的特殊字符来实现的,如果我是登陆界面想要防sql攻击,

我知道用户名和密码不会出现特殊字符,我使用正则匹配,只要出现了特殊字符我直接就将其打死,这样处理好吗?

还有,addslashes 一般做什么用的啊?麻烦高手多分享下防注入这些,小白知道的太少了。

主要是以下不是很清楚:
magic_quotes_gpc=off
magic_quotes_gpc=on
addslashes()
stripslashes()
str_replace();

如果不是登陆、搜索等入口页面,平时php页面正常的dql语句应该不用考虑注入问题吧。
Related labels:
magic nbsp quotes
source:php.cn
Previous article: PHP+MYSQL,新注册的用户如何创建数据库连接 Next article: 如何获取百度坐标api返回的json格式字符串或对象呢
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...
From 2024-04-29 11:01:01
0
2
1429
There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...
From 2024-04-18 23:52:34
0
1
1284
PX automatic conversion to REM error  <style>html {   font-size: calc(100vw / 3.75);      }...
From 2024-04-16 09:34:16
0
0
4687
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template