Community Learn Tools Library Leisure
search
English
Home > Backend Development > PHP Tutorial > body text

A relatively easy-to-use PHP anti-injection vulnerability filtering function code_PHP tutorial

WBOY
Release: 2016-07-21 15:19:06
Original
803 people have browsed it

Copy code The code is as follows:

//PHP whole-site anti-injection program, which needs to be in a public file require_once this file
//Judge magic_quotes_gpc status
if (@get_magic_quotes_gpc ()) {
$_GET = sec ( $_GET );
$_POST = sec ( $_POST );
$ _COOKIE = sec ( $_COOKIE );
$_FILES = sec ( $_FILES );
}
$_SERVER = sec ( $_SERVER );
function sec(&$array) {
//If it is an array, traverse the array and call recursively
if (is_array ( $array )) {
foreach ( $array as $k => $v ) {
$array [$k] = sec ( $v );
}
} else if (is_string ( $array )) {
//Use addslashes function to process
$array = addslashes ( $array );
} else if (is_numeric ( $array )) {
$array = intval ( $array );
}
return $array;
}
//Integer filter function
function num_check($id) {
if (! $id) {
die ( 'Parameter cannot be empty!' );
} //Judge whether it is empty
else if (inject_check ( $ id )) {
die ( 'Illegal parameter' );
} //Injection judgment
else if (! is_numetic ( $id )) {
die ( 'Illegal parameter' );
}
//Number judgment
$id = intval ($id);
//Integerization
return $id;
}
//Character filter function
function str_check($str) {
if (inject_check ( $str )) {
die ( 'illegal parameter' );
}
//Injection judgment
$str = htmlspecialchars ( $str );
//Convert html
return $str;
}
function search_check($str) {
$str = str_replace ( "_", "_", $str );
//Filter out "_"
$str = str_replace ( "%", "%", $str );
//Filter out "%"
$str = htmlspecialchars ( $str );
//Convert html
return $str;
}
//Form filter function
function post_check($str, $min, $max) {
if (isset ( $min ) && strlen ( $str ) < $min) {
die ( 'minimum $min bytes' );
} else if (isset ( $max ) && strlen ( $ str ) > $max) {
die ( 'Up to $max bytes' );
}
return stripslashes_array ( $str );
}
//Anti-injection function
function inject_check($sql_str) {
return eregi ( 'select|inert|update|delete|'|/*|*|../|./|UNION|into|load_file|outfile', $sql_str );
// www.jb51.net Filter and prevent injection
}
function stripslashes_array(&$array) {
if (is_array ( $array )) {
foreach ( $array as $k => $v ) {
$array [$k] = stripslashes_array ( $v );
}
} else if (is_string ( $array )) {
$array = stripslashes ( $array );
}
return $array;
}
?>

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/325361.htmlTechArticleCopy the code as follows: ?PHP //PHP whole-site anti-injection program, you need to require_once this file in the public file //Judge magic_quotes_gpc status if (@get_magic_quotes_gpc ()) { $_GET = se...
Related labels:
php code function copy Compare injection loopholes use program better filter
source:php.cn
Previous article:Share the method of caching the PHP website to speed up the opening speed_PHP tutorial Next article:PHP multiple keywords highlight implementation code_PHP tutorial
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
Compare Imagick, Adobe Photoshop and Windows - Detect resolution (pixels per centimeter or pixels per inch) This is not a question but an attempt to improve my understanding of how DPI is stored in ...
From 2024-04-06 16:01:27
0
1
397
The execution order of VueJS scheduling functions causes problems I'm trying to display a list of announcements (retrieved from API) on a page. I'm using a ...
From 2024-04-06 10:37:58
0
1
385
Why does the number of cookies in the "Cookie" request header exceed the number of cookies set in the "set-cookie" response header? I'm a newbie to web crawling, so my understanding of http requests is very shallow. When I...
From 2024-04-05 14:52:06
0
1
3571
Can PHPUnit use assert equals to strictly compare two arrays containing objects? I have two arrays of objects. I want to test if these two arrays are equal, but using a st...
From 2024-04-05 13:35:37
0
1
1382
I'm trying to compare values ​​in two columns in two different tables I have two tables, tableA and tableB. Table A has 4 columns, while Table B has 3 columns. ...
From 2024-04-04 20:05:03
0
1
280
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template