
Collect some PHP functions that normalize input and output

Jul 13, 2016, 10:33 AM
Standardize input Output

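PHP website development involves many places where data has to be escaped. The functions below are recommended helpers that go a long way toward normalizing a site's input and output.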

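1. Plain-text output, suitable for input fields

function t($text){
	// Run the HTML filter h() (section 4) first, then strip whatever tags it left in place.
	$text = h($text);
	$text = strip_tags($text);
	return $text;
}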

2. Multi-line plain text, suitable for textarea

function text($text)
{
    // Escape HTML, keep spaces visible as &nbsp;, and turn newlines into <br />.
    return trim(nl2br(str_replace(' ', '&nbsp;', htmlspecialchars($text))));
}

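3. Convert HTML line breaks back to newlines

function br2nl($text)
{
   	// nl2br() keeps the original newline next to each <br />, so removing the tag restores the text.
   	return trim(preg_replace('/<br\\s*\/?'.'>/i', '', $text));
}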

4. Output safe HTML

function h($text){
	$text = trim($text);
	$text = stripslashes($text);
	// Strip comments entirely
	$text = preg_replace('/<!--?.*-->/','',$text);
	// Strip dynamic code (PHP open and close tags) entirely
	$text = preg_replace('/<\?|\?'.'>/','',$text);
	// Strip JavaScript blocks entirely
	$text = preg_replace('/<script?.*\/script>/','',$text);
	// Encode the characters that serve as temporary markers below
	$text = str_replace('[','&#091;',$text);
	$text = str_replace(']','&#093;',$text);
	$text = str_replace('|','&#124;',$text);
	// Remove line breaks
	$text = preg_replace('/\r?\n/','',$text);
	// br
	$text = preg_replace('/<br(\s\/)?'.'>/i','[br]',$text);
	$text = preg_replace('/(\[br\]\s*){10,}/i','[br]',$text);
	// hr img area input
	$text = preg_replace('/<(hr|img|input|area|isindex)( [^><\[\]]*)>/i','[\1\2]',$text);
	// Strip unneeded HTML tags
	$text = preg_replace('/<\/?(html|head|meta|link|base|body|title|style|script|form|iframe|frame|frameset)[^><]*>/i','',$text);
	// Strip on* event handlers and lang attributes
	while(preg_match('/(<[^><]+)( lang|onfinish|onmouse|onexit|onerror|onclick|onkey|onload|onchange|onfocus|onblur)[^><]+/i',$text,$mat)){
		$text=str_replace($mat[0],$mat[1],$text);
	}
	while(preg_match('/(<[^><]+)(window\.|javascript:|js:|about:|file:|document\.|vbs:|cookie)([^><]*)/i',$text,$mat)){
		$text=str_replace($mat[0],$mat[1].$mat[3],$text);
	}
	// Mark well-formed HTML tag pairs as allowed by rewriting < > to [ ]
	while(preg_match('/<([a-z]+)[^><\[\]]*>[^><]*<\/\1>/i',$text,$mat)){
		$text=str_replace($mat[0],str_replace('>',']',str_replace('<','[',$mat[0])),$text);
	}
	// Convert quotes inside allowed tags to the | marker
	while(preg_match('/(\[[^\[\]]*=\s*)(\"|\')([^\2=\[\]]+)\2([^\[\]]*\])/i',$text,$mat)){
		$text=str_replace($mat[0],$mat[1].'|'.$mat[3].'|'.$mat[4],$text);
	}
	// Remove stray unpaired quotes
	while(preg_match('/\[[^\[\]]*(\"|\')[^\[\]]*\]/i',$text,$mat)){
		$text=str_replace($mat[0],str_replace($mat[1],'',$mat[0]),$text);
	}
	// Escape every remaining (disallowed) < > and "
	$text = str_replace('<','&lt;',$text);
	$text = str_replace('>','&gt;',$text);
	$text = str_replace('"','&quot;',$text);
	// Convert the markers back
	$text = str_replace('[','<',$text);
	$text = str_replace(']','>',$text);
	$text = str_replace('|','"',$text);
	// Collapse redundant spaces
	$text = str_replace('  ',' ',$text);
	return $text;
}

5. Filter script code

function cleanJs($text){
	$text = trim($text);
	$text = stripslashes($text);
	// Strip dynamic code (PHP open and close tags) entirely
	$text = preg_replace('/<\?|\?'.'>/','',$text);
	// Strip JavaScript blocks entirely
	$text = preg_replace('/<script?.*\/script>/','',$text);
	// Strip unneeded HTML tags
	$text = preg_replace('/<\/?(html|head|meta|link|base|body|title|style|script|form|iframe|frame|frameset)[^><]*>/i','',$text);
	// Strip on* event handlers and lang attributes
	while(preg_match('/(<[^><]+)(lang|onfinish|onmouse|onexit|onerror|onclick|onkey|onload|onchange|onfocus|onblur)[^><]+/i',$text,$mat)){
		$text=str_replace($mat[0],$mat[1],$text);
	}
	while(preg_match('/(<[^><]+)(window\.|javascript:|js:|about:|file:|document\.|vbs:|cookie)([^><]*)/i',$text,$mat)){
		$text=str_replace($mat[0],$mat[1].$mat[3],$text);
	}
	return $text;
}
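
The regex filters in h() and cleanJs() work from a deny-list of tags, attributes and strings. As a contrast, the following added example (not part of the original article or of the code it quotes) parses the markup with PHP's DOM extension and keeps only an allow-list; the tag and attribute lists and the function names are assumptions chosen for illustration.

```php
<?php
// Added example: allow-list cleaning with ext-dom. All names below are illustrative.
const ALLOWED_TAGS  = ['p', 'br', 'b', 'i', 'em', 'strong', 'ul', 'ol', 'li', 'blockquote', 'a'];
const ALLOWED_ATTRS = ['a' => ['href', 'title']];

function cleanNode(DOMNode $parent): void
{
    // Iterate over a copy: the live child list changes while nodes are replaced.
    foreach (iterator_to_array($parent->childNodes) as $node) {
        if ($node instanceof DOMText) {
            continue; // text is re-escaped when the tree is serialized
        }
        $tag = strtolower($node->nodeName);
        if (!$node instanceof DOMElement || !in_array($tag, ALLOWED_TAGS, true)) {
            // Comments and script/style vanish; other unknown elements keep only their text.
            $keep = $node instanceof DOMElement && !in_array($tag, ['script', 'style'], true);
            $text = $parent->ownerDocument->createTextNode($keep ? $node->textContent : '');
            $parent->replaceChild($text, $node);
            continue;
        }
        foreach (iterator_to_array($node->attributes) as $attr) {
            $name = strtolower($attr->nodeName);
            $ok = in_array($name, ALLOWED_ATTRS[$tag] ?? [], true);
            // href must begin with an allowed absolute scheme, otherwise it is dropped.
            if ($ok && $name === 'href') {
                $ok = preg_match('~^(?:https?://|mailto:)~i', $attr->nodeValue) === 1;
            }
            if (!$ok) {
                $node->removeAttributeNode($attr);
            }
        }
        cleanNode($node);
    }
}

function cleanHtml(string $html): string
{
    $doc = new DOMDocument();
    libxml_use_internal_errors(true); // hostile input is routinely malformed
    $doc->loadHTML('<?xml encoding="UTF-8"><div>' . $html . '</div>', LIBXML_NONET);
    libxml_clear_errors();
    $root = $doc->getElementsByTagName('div')->item(0); // our wrapper comes first
    cleanNode($root);
    $out = '';
    foreach ($root->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}
// Constructed sample input.
echo cleanHtml('<p onclick="x()">Hi <a href="javascript:void(0)" title="t">link</a></p>'), "\n";
```

Because the output is re-serialized from the parsed tree, anything not explicitly allowed is either dropped or emitted as escaped text, regardless of letter case or spacing in the input.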

6. Show plain text in an editor

function et($text)
{
	// Reverse text(): turn &nbsp; back into spaces and drop the <br /> tags.
	return trim(br2nl(str_replace('&nbsp;', ' ', $text )));
}

7. Show HTML in an HTML editor

function eh($text)
{
	// Encode double quotes so the markup can sit inside a quoted attribute value.
	return trim(str_replace('"','&quot;', $text));
}

8. Show how long ago a time was

function friendlyDate($sTime,$type = 'normal',$alt = 'false') {
	// sTime = source time, cTime = current time, dTime = time difference
	$cTime = time();
	$dTime = $cTime - $sTime;
	$dDay = intval(date("Ymd",$cTime)) - intval(date("Ymd",$sTime));
	$dYear = intval(date("Y",$cTime)) - intval(date("Y",$sTime));
	// normal: n seconds ago, n minutes ago, n hours ago, date
	if($type=='normal'){
		if( $dTime < 60 )
		{
   			echo $dTime."秒前"; // "seconds ago"
		}
		elseif( $dTime < 3600 )
		{
   			echo intval($dTime/60)."分钟前"; // "minutes ago"
		}
		elseif( $dTime >= 3600 && $dDay == 0 )
		{
   			echo intval($dTime/3600)."小时前"; // "hours ago"
		}
		elseif($dYear==0)
		{
   			echo date("m-d ,H:i",$sTime);
		}
		else
		{
   			echo date("Y-m-d ,H:i",$sTime);
		}
		// full: Y-m-d , H:i:s
	}
	elseif($type=='full')
	{
		echo date("Y-m-d , H:i:s",$sTime);
	}
}
