Maison > php教程 > php手册 > PHP利用str_replace()函数防注入


Libérer: 2016-06-13 09:50:14
913 Les gens l'ont consulté




 代码如下 复制代码

    * 安全过滤函数
    * @param $string
    * @return string
    function safe_replace($string) {
    $string = str_replace('%20','',$string);
    $string = str_replace('%27','',$string);
    $string = str_replace('%2527','',$string);
    $string = str_replace('*','',$string);
    $string = str_replace('"','"',$string);
    $string = str_replace("'",'',$string);
    $string = str_replace('"','',$string);
    $string = str_replace(';','',$string);
    $string = str_replace('     $string = str_replace("{",'',$string);
    $string = str_replace('}','',$string);
    $string = str_replace('','',$string);
    return $string;

    * 返回经addslashes处理过的字符串或数组
    * @param $string 需要处理的字符串或数组
    * @return mixed
    function new_addslashes($string) {
    if(!is_array($string)) return addslashes($string);
    foreach($string as $key => $val) $string[$key] = new_addslashes($val);
    return $string;

    0 为不处理,
    1 为禁止不安全HTML内容(javascript等),
    2 完全禁止HTML内容,并替换部份不安全字符串(如:eval(、union、CONCAT(、--、等)
    function StringSafe($str, $safestep=-1){
    $safestep = ($safestep > -1) ? $safestep : 1;
    if($safestep == 1){
    $str = preg_replace("#script:#i", "script:", $str);
    $str = preg_replace("#]*>#isU", '', $str);
    $str = preg_replace("#[ ]{1,}#", ' ', $str);
    return $str;
    }else if($safestep == 2){
    $str = addslashes(htmlspecialchars(stripslashes($str)));
    $str = preg_replace("#eval#i", 'eval', $str);
    $str = preg_replace("#union#i", 'union', $str);
    $str = preg_replace("#concat#i", 'concat', $str);
    $str = preg_replace("#--#", '--', $str);
    $str = preg_replace("#[ ]{1,}#", ' ', $str);
    return $str;
    return $str;

        * 输出安全的html,用于过滤危险代码
        * @access public
        * @param string $text 要处理的字符串
        * @param mixed $tags 允许的标签列表,如 table|td|th|td
        * @return string
       static public function safeHtml($text, $tags = null)
           $text =  trim($text);
           $text = preg_replace('//','',$text);
           $text =  preg_replace('/|?'.'>/','',$text);
           $text = preg_replace('/<script>/','',$text);<br /> $text = str_replace('[','&#091;',$text);<br /> $text = str_replace(']','&#093;',$text);<br /> $text = str_replace('|','&#124;',$text);<br /> //过滤换行符<br /> $text = preg_replace('/ ? /','',$text);<br /> //br<br /> $text = preg_replace('/<br(s/)?'.'>/i','[br]',$text);<br /> $text = preg_replace('/([br]s*){10,}/i','[br]',$text);<br /> //过滤危险的属性,如:过滤on事件lang js<br /> while(preg_match('/(<[^><]+)(lang|on|action|background|codebase|dynsrc|lowsrc)[^><]+/i',$text,$mat)){<br /> $text=str_replace($mat[0],$mat[1],$text);<br /> }<br /> while(preg_match('/(<[^><]+)(window.|javascript:|js:|about:|file:|document.|vbs:|cookie)([^><]*)/i',$text,$mat)){<br /> $text=str_replace($mat[0],$mat[1].$mat[3],$text);<br /> }<br /> if( empty($allowTags) ) { $allowTags = self::$htmlTags['allow']; }<br /> //允许的HTML标签<br /> $text = preg_replace('/<('.$allowTags.')( [^><[]]*)>/i','[12]',$text);<br /> //过滤多余html<br /> if ( empty($banTag) ) { $banTag = self::$htmlTags['ban']; }<br /> $text = preg_replace('/</?('.$banTag.')[^><]*>/i','',$text);<br /> //过滤合法的html标签<br /> while(preg_match('/<([a-z]+)[^><[]]*>[^><]*</1>/i',$text,$mat)){<br /> $text=str_replace($mat[0],str_replace('>',']',str_replace('<','[',$mat[0])),$text);<br /> }<br /> //转换引号<br /> while(preg_match('/([[^[]]*=s*)("|')([^2=[]]+)2([^[]]*])/i',$text,$mat)){<br /> $text=str_replace($mat[0],$mat[1].'|'.$mat[3].'|'.$mat[4],$text);<br /> }<br /> //空属性转换<br /> $text = str_replace('''','||',$text);<br /> $text = str_replace('""','||',$text);<br /> //过滤错误的单个引号<br /> while(preg_match('/[[^[]]*("|')[^[]]*]/i',$text,$mat)){<br /> $text=str_replace($mat[0],str_replace($mat[1],'',$mat[0]),$text);<br /> }<br /> //转换其它所有不合法的 < ><br /> $text = str_replace('<','<',$text);<br /> $text = str_replace('>','>',$text);<br /> $text = str_replace('"','"',$text);<br /> //反转换<br /> $text = str_replace('[','<',$text);<br /> $text = str_replace(']','>',$text);<br /> $text = str_replace('|','"',$text);<br /> //过滤多余空格<br /> $text = str_replace(' ',' ',$text);<br /> return $text;<br /> }<br /> ?></script>

        function RemoveXSS($val) {
       // remove all non-printable characters. CR(0a) and LF(0b) and TAB(9) are allowed
       // this prevents some character re-spacing such as
       // note that you have to handle splits with , , and later since they *are* allowed in some          // inputs
       $val = preg_replace('/([x00-x08,x0b-x0c,x0e-x19])/', '', $val);
       // straight replacements, the user should never need these since they're normal characters
       // this prevents like PHP利用str_replace()函数防注入
       $search = 'abcdefghijklmnopqrstuvwxyz';
       $search .= '1234567890!@#$%^&*()';
       $search .= '~`";:?+/={}[]-_|'';
       for ($i = 0; $i            // ;? matches the ;, which is optional
           // 0{0,7} matches any padded zeros, which are optional and go up to 8 chars
           // @ @ search for the hex values
           $val = preg_replace('/([xX]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val);//with a ;
           // @ @ 0{0,7} matches '0' zero to seven times
           $val = preg_replace('/({0,8}'.ord($search[$i]).';?)/', $search[$i], $val); // with a ;
       // now the only remaining whitespace attacks are , , and 
       $ra1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base');
       $ra2 = Array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload');
       $ra = array_merge($ra1, $ra2);
       $found = true; // keep replacing as long as the previous round replaced something
       while ($found == true) {
           $val_before = $val;
           for ($i = 0; $i                $pattern = '/';
               for ($j = 0; $j                    if ($j > 0) {
                       $pattern .= '(';
                       $pattern .= '([xX]0{0,8}([9ab]);)';
                       $pattern .= '|';
                       $pattern .= '|({0,8}([9|10|13]);)';
                       $pattern .= ')*';
                   $pattern .= $ra[$i][$j];
               $pattern .= '/i';
               $replacement = substr($ra[$i], 0, 2).''.substr($ra[$i], 2); // add in to nerf the tag
               $val = preg_replace($pattern, $replacement, $val); // filter out the hex tags
               if ($val_before == $val) {
                   // no replacements were made, so exit the loop
                   $found = false;
       return $val;

Déclaration de ce site Web
Le contenu de cet article est volontairement contribué par les internautes et les droits d'auteur appartiennent à l'auteur original. Ce site n'assume aucune responsabilité légale correspondante. Si vous trouvez un contenu suspecté de plagiat ou de contrefaçon, veuillez contacter
Derniers numéros
Recommandations populaires
Tutoriels populaires
Derniers téléchargements
effets Web
Code source du site Web
Matériel du site Web
Modèle frontal