php $_GET $_POST过滤sql注入程序代码

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Release： 2016-05-25 16:41:37

Original

1077 people have browsed it

本文章来给大家介绍一个php $_GET $_POST过滤sql注入程序代码函数,希望些函数对各位朋友有帮助,此函数只能过滤一些敏感的sql命令了,像id=1这种大家还是需要自己简单过滤了,代码如下:

<?php
if (!get_magic_quotes_gpc()) {
    if (!emptyempty($_GET)) {
        $_GET = addslashes_deep($_GET);
    }
    if (!emptyempty($_POST)) {
        $_POST = addslashes_deep($_POST);
    }
    $_COOKIE = addslashes_deep($_COOKIE);
    $_REQUEST = addslashes_deep($_REQUEST);
}
function addslashes_deep($value) {
    if (emptyempty($value)) {
        return $value;
    } else {
        return is_array($value) ? array_map(&#39;addslashes_deep&#39;, $value) : addslashes($value);
    }
}
?>

Copy after login

教程链接:

随意转载~但请保留教程地址★

Related labels：

php

Previous article：php 防止查询的sql攻击方法总结 Next article：PHP验证码生成与验证例子

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn