Home > Backend Development > PHP Tutorial > php防止sql注入之过滤分页参数实例_PHP

php防止sql注入之过滤分页参数实例_PHP

WBOY
Release: 2016-05-31 19:28:45
Original
861 people have browsed it

本文实例讲述了php防止sql注入中过滤分页参数的方法。分享给大家供大家参考。具体分析如下:

就网络安全而言,在网络上不要相信任何输入信息,对于任何输入信息我们都必须进行参数过滤。对此,我们先来看看下面的实例:

代码如下:

$this->load->library ( 'pagination' );
$config ['base_url'] = site_url () . '/guest/show';
$config ['total_rows'] = $c;
$config ['per_page'] = $pernum = 15;
$config ['uri_segment'] = 3;
$config ['use_page_numbers'] = TRUE;
$config ['first_link'] = '第一页';
$config ['last_link'] = '最后一页';
$config ['num_links'] = 5;
$this->pagination->initialize ( $config );
if (! $this->uri->segment ( 3 )) {
    $currentnum = 0;
} else {
    $currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum:0;
}
 
$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1;
if($current_page){
    $data ['title'] = '第'.$current_page.'页-留言本-防SQL注入测试';
}
else{
    $data ['title'] = '留言本-防SQL注入测试';
}
 
$data ['liuyan'] = $this->ly->getLy ( $pernum, $currentnum );


其中:

代码如下:

$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1;
$currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum;


这两句判断了参数是否为数字。防止非法字符输入。

希望本文所述对大家的PHP程序设计有所帮助。

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template