Home > php教程 > php手册 > 浅谈php正则过滤sql注入,以及跨站脚本攻击 新人学习

浅谈php正则过滤sql注入,以及跨站脚本攻击 新人学习

WBOY
Release: 2016-06-06 20:02:05
Original
1198 people have browsed it

php 正则方法 ?php /* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */ /** * Description of checksql * * @autho

php 正则方法

/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */

/**
 * Description of checksql
 *

 * @author xt

 */
class checkURL{
   function inject_check($get) {
   $checkurl=eregi('select|insert|update|delete|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file|outfile|or|and|-||&|%|limit|where|oR|aNd', $get);//要匹配的字符
   if($checkurl)
   {
     echo "<script>alert('使用非法字符!请文明上网,文明上网');location.href='' http://www.mps.gov.cn/n16/n1966474/“;</script>";
    
     exit();
   }else
   {
     return $get;
   }
}

}

调用方法

require_once 'url/checksql.php';                         //根据自己的路径

$check=new checkURL();                                     //创建对象
$id=$check->inject_check($_GET['id']);           //将url传入的参数 传入调用的正则方法

参数$id 匹配过后可以去传入自定义方法使用

以上方法 如有问题或是其他的更好的意见及建议 欢迎大家一起交流



source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Recommendations
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template