SQL universal anti-injection system_PHP tutorial

WBOY
Release: 2016-07-13 17:09:27
Original
1054 people have browsed it

SQL universal anti-injection system The anti-SQL injection code provided in this article is a PHP SQL double filtering illegal character function. It can prevent SQL injection according to the user's customization. First, it filters some SQL commands, and then filters the post get once. It is best. verify.

SQL universal anti-injection system
The anti-sql injection code provided in this article is a php tutorial sql double filtering function of illegal characters. It can prevent sql injection according to the user's customization. First, it filters some sql commands, and then filters the post get once. Finally, Good verification.
*/
//Anti-injection

$arrfiltrate=array("update","delete","selert","drop","exec","cast","'","union");
//The URL to jump to after an error occurs. If not filled in, the previous page will be defaulted
$strgourl="";
//Whether there is a value in the array
function funstringexist($strfiltrate,$arrfiltrate){
foreach ($arrfiltrate as $key=>$value){
If (eregi($value,$strfiltrate)){
             return true;
}
}
return false;
}
//Merge $_post and $_get
if(function_exists(array_merge)){
$arrpostandget=array_merge($http_post_vars,$http_get_vars);
}else{
Foreach($http_post_vars as $key=>$value){
          $arrpostandget[]=$value;
}
Foreach($http_get_vars as $key=>$value){
$arrpostandget[]=$value;
}
}
//Verification starts
foreach($arrpostandget as $key=>$value){
If (funstringexist($value,$arrfiltrate)){
echo " ";
If (empty($strgourl)){
echo " ";
         }else{
echo " ";
}
echo "<script>alert('The system detected an illegal character!');history.back();</script>";
exit();
}
}
?>

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/629740.htmlTechArticlesql universal anti-injection system This article provides this anti-sql injection code, which is a php sql double filtering illegal characters Function, it can prevent sql injection according to the user's customization. First, filter some sq...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template