PHP data filtering function and method examples, PHP filtering function examples_PHP tutorial

Examples of php data filtering functions and methods, examples of php filtering functions

1. Basic principles of php submitted data filtering

　1) When submitting variables into the database, we must use addslashes() performs filtering. For example, our injection problem can be solved with just addslashes(). In fact, when it comes to variable values, the intval() function is also a good choice for filtering strings.

2) Enable magic_quotes_gpc and magic_quotes_runtime in php.ini. magic_quotes_gpc can change the quotation marks in get, post, and cookie into slashes. magic_quotes_runtime can play a formatting role in data entering and exiting the database. In fact, this parameter was very popular back in the old days when injection was crazy.

3) When using system functions, you must use escapeshellarg() and escapeshellcmd() parameters to filter, so that you can use system functions with confidence.

4) For cross-site, the two parameters of strip_tags() and htmlspecialchars() are both good. All tags with html and php submitted by users will be converted. For example, angle brackets "<" will be converted into harmless characters such as "<".

The code is as follows Copy the code

$new = htmlspecialchars("Test", ENT_QUOTES);

strip_tags($text,);

5) For Filtering of related functions, just like the previous include(), unlink, fopen(), etc., as long as you specify the variables you want to perform the operation or filter the related characters strictly, I think this will be impeccable.

2. PHP simple data filtering

1) Inbound: trim($str), addslashes($str)

2) Outbound: stripslashes($str )

　3) Display: htmlspecialchars(nl2br($str))

Look at the example below for further discussion of dispatch.php script:

The code is as follows Copy the code

7200ae2e2d4084843283991d6971f895

　　

php表单获取用户输入数据后过滤的流程

addslashes
htmlspecialchars

mysql_real_escape_string
数字的可以用intval()，最好在之前就循环$_POST，挨个的addslashes或者其他函数。
上面都可以，根据需要来。
 

php过滤数据问题

假定你的数据在数据$demo中，我们来写段代码进行过滤。
$count = 0;
foreach($demo as $ditem){
if(($ditem['a']==0)||($ditem['b']==0)||($ditem['c']==0)||($ditem['c']==0)) continue;
echo $ditem['id'].' '.$ditem['a'].' '.$ditem['b'].' '.$ditem['c'].' '.$ditem['d'].' '.$ditem['e']."
";
$count++;

}
echo '总行数:'.$count;
 

http://www.bkjia.com/PHPjc/908127.htmlwww.bkjia.comtruehttp://www.bkjia.com/PHPjc/908127.htmlTechArticlephp数据过滤函数与方法示例，php过滤函数示例 1、php提交数据过滤的基本原则 1)提交变量进数据库时，我们必须使用addslashes()进行过滤，像...