php代码
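/**
 * Denylist screen for SQL-looking request input.
 *
 * Returns the value unchanged when none of the listed fragments occur in it.
 * Otherwise it calls page_href() with the site-map URL and ends the request.
 *
 * This is a keyword denylist, not an injection defence in itself: it matches
 * substrings, so ordinary text containing e.g. "into" or an apostrophe is
 * rejected, and it cannot anticipate every SQL dialect or encoding. Queries
 * built from the returned value should still use prepared statements with
 * bound parameters.
 *
 * @param mixed $sql_str Value taken from the request.
 * @return mixed The input, untouched, when no listed fragment is present.
 */
function inject_check($sql_str)
{
    // eregi() was removed in PHP 7.0, so the original call is a fatal error
    // on current runtimes. preg_match() with /i keeps the same
    // case-insensitive alternatives and, unlike the ereg family, is
    // binary-safe. ' delete ' only matches with a literal space on each
    // side, as in the original list.
    $pattern = '~select|insert|update| delete |\*|/\*|\'|\.\./|\./|UNION|into|load_file|outfile~i';

    // Fail closed: arrays and objects cannot be pattern-checked, so they are
    // rejected instead of being handed back unchecked.
    $rejected = true;
    if ($sql_str === null || is_scalar($sql_str)) {
        // preg_match() yields 1 (hit), 0 (miss) or false (engine error);
        // only a clean miss is accepted.
        $rejected = preg_match($pattern, (string) $sql_str) !== 0;
    }

    if ($rejected) {
        // NOTE(review): HTTP_HOST is copied from the client's Host header.
        // If page_href() places its argument in a Location header or in
        // markup, the redirect target is client-influenced; a configured
        // site origin or a host-relative path would avoid that. TODO confirm
        // what page_href() does with this URL.
        page_href("http://" . $_SERVER['HTTP_HOST'] . "/home/sitemap.php");
        exit();
    }

    return $sql_str;
}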
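/**
 * Denylist screen for script-looking request input (tag names, URL schemes
 * and inline event-handler attribute names).
 *
 * Returns the value unchanged when none of the listed names occur in it.
 * Otherwise it calls page_href() with the site-map URL and ends the request.
 *
 * The list matches plain substrings, so harmless words such as "title",
 * "link", "style" or "base" are rejected too, and any handler or tag not in
 * the list passes. It does not replace escaping at output time: values
 * echoed into HTML still need htmlspecialchars() (or the escaper that fits
 * the output context).
 *
 * @param mixed $sql_str Value taken from the request.
 * @return mixed The input, untouched, when no listed name is present.
 */
function inject_check2($sql_str)
{
    // eregi() was removed in PHP 7.0; preg_match() with /i keeps the same
    // case-insensitive alternatives and is binary-safe.
    $pattern = '/javascript|vbscript|expression|applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base|onabort|onactivate|onafterprint|onafterupdate|onbeforeactivate|onbeforecopy|onbeforecut|onbeforedeactivate|onbeforeeditfocus|onbeforepaste|onbeforeprint|onbeforeunload|onbeforeupdate|onblur|onbounce|oncellchange|onchange|onclick|oncontextmenu|oncontrolselect|oncopy|oncut|ondataavailable|ondatasetchanged|ondatasetcomplete|ondblclick|ondeactivate|ondrag|ondragend|ondragenter|ondragleave|ondragover|ondragstart|ondrop|onerror|onerrorupdate|onfilterchange|onfinish|onfocus|onfocusin|onfocusout|onhelp|onkeydown|onkeypress|onkeyup|onlayoutcomplete|onload|onlosecapture|onmousedown|onmouseenter|onmouseleave|onmousemove|onmouseout|onmouseover|onmouseup|onmousewheel|onmove|onmoveend|onmovestart|onpaste|onpropertychange|onreadystatechange|onreset|onresize|onresizeend|onresizestart|onrowenter|onrowexit|onrowsdelete|onrowsinserted|onscroll|onselect|onselectionchange|onselectstart|onstart|onstop|onsubmit|onunload/i';

    // Fail closed: arrays and objects cannot be pattern-checked, so they are
    // rejected instead of being let through unchecked.
    $rejected = true;
    if ($sql_str === null || is_scalar($sql_str)) {
        // preg_match() yields 1 (hit), 0 (miss) or false (engine error);
        // only a clean miss is accepted.
        $rejected = preg_match($pattern, (string) $sql_str) !== 0;
    }

    if ($rejected) {
        // NOTE(review): HTTP_HOST is copied from the client's Host header.
        // If page_href() places its argument in a Location header or in
        // markup, the redirect target is client-influenced; a configured
        // site origin or a host-relative path would avoid that. TODO confirm
        // what page_href() does with this URL.
        page_href("http://" . $_SERVER['HTTP_HOST'] . "/home/sitemap.php");
        exit();
    }

    // The original left this branch empty, so callers received null; the
    // value is now handed back, matching inject_check().
    return $sql_str;
}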