
//==防注入自动过滤[启用后程序效率低]==========================================================================================
/*
function inject_checks($sql_str){return eregi("select|insert|update|delete|"|/*|*|../|./|union|into|load_file|outfile", $sql_str);}
foreach ($_REQUEST as $value){if (inject_checks($value)){echo "<script language=javascript>alert("你提交的数据非法,请检查后重新提交!");</script>";exit;}}
*/
//==防注[inject_check($sql_str)]==========================================================================================
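/**
 * Reject a request value that contains a common SQL keyword.
 *
 * On a match the function prints a JavaScript alert and terminates the
 * script; otherwise the value is returned unchanged.
 *
 * This is a keyword denylist, not an injection defence: it rejects ordinary
 * text that happens to contain "update" or "into", and a query assembled by
 * string concatenation is still injectable by input that uses none of the
 * listed words. Build queries with prepared statements and bound parameters
 * (PDO or mysqli) and treat this check as an additional filter at most.
 *
 * @param mixed $sql_str Request value; arrays are checked element by element.
 * @return mixed The input, unchanged, when no keyword was found.
 */
function inject_check($sql_str){
    // PHP turns "name[]=..." request parameters into arrays. Check every
    // element so an array value cannot skip the pattern test.
    if (is_array($sql_str)) {
        return array_map('inject_check', $sql_str);
    }
    // eregi() was removed in PHP 7.0; preg_match() with the "i" modifier is
    // the case-insensitive replacement for the same alternation.
    if (preg_match('/select|insert|update|delete|union|into|load_file|outfile/i', (string)$sql_str)) {
        // Single-quoted PHP string so the inner double quotes need no escaping
        // (the escapes were lost in the published copy of this snippet).
        echo '<script language=javascript>alert("你提交的数据非法,请检查后重新提交!");</script>';
        exit;
    }
    return $sql_str;
}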
//==字符过滤[safe_convert($string)]==============================================================================
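/**
 * Convert a submitted string into HTML-escaped text.
 *
 * The result is meant for output in an HTML body or a quoted attribute. It is
 * not SQL escaping: database writes should use prepared statements with bound
 * parameters instead of relying on this function.
 *
 * NOTE(review): the published copy of this snippet lost its backslash escapes
 * and had its HTML entities decoded (for example a replacement of "<" by "<").
 * The entity strings below are a reconstruction from that pattern; confirm
 * them against the original source before relying on exact output.
 *
 * @param string $string Raw submitted text.
 * @return string Escaped text.
 */
function safe_convert($string){ //Words Filter
    // The published version called get_magic_quotes_gpc() (removed in PHP 8.0)
    // and HTML-escaped only when it returned true. Since PHP 5.4 it always
    // returns false, so markup passed through with nothing but addslashes()
    // applied. Escape on every path instead.
    // htmlspecialchars() with ENT_QUOTES already converts & < > " and ', so
    // the separate "<" and ">" replacements are not needed.
    $string = htmlspecialchars((string)$string, ENT_QUOTES);
    // Backslash becomes a numeric entity so stored text carries no escape character.
    $string = str_replace('\\', '&#92;', $string);

    // The published version also carried disabled replacements for "\r", "\n"
    // and "|" (the last one disabled because it clashed with the category
    // system); they stay disabled here.

    // Tab and double space become non-breaking spaces to keep visible indentation.
    $string = str_replace("\t", '&nbsp;&nbsp;', $string);
    $string = str_replace('  ', '&nbsp;&nbsp;', $string);
    // Restore the two numeric entities that htmlspecialchars() double-encoded.
    $string = str_replace('&amp;#96;', '&#96;', $string);
    $string = str_replace('&amp;#92;', '&#92;', $string);
    return $string;
}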
//==字符反过滤[unsafe_convert($string)]==============================================================================
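/**
 * Turn slash-escaped double quotes into the &quot; entity.
 *
 * NOTE(review): the published copy shows the search string as a quote
 * preceded by one backslash and the replacement as three bare quotes, which
 * does not parse. This reconstruction assumes the same damage seen elsewhere
 * in the snippet (one level of backslashes stripped, entities decoded), i.e.
 * search for backslash + quote and replace with &quot;. Read literally, the
 * search string would be a bare double quote; confirm against the original.
 *
 * @param string $string Text that may contain \" sequences.
 * @return string Text with each \" replaced by &quot;.
 */
function unsafe_convert($string){ //Words Filter
    // The output is still entity-encoded, so it remains safe to print in HTML.
    $string = str_replace('\\"', '&quot;', $string);
    return $string;
}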

//==字符过滤[filter($string)]============================================================================================
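/**
 * Reject text that contains a word from the site's banned-word list.
 *
 * On a match the function prints a JavaScript alert and terminates the
 * script; otherwise the text is returned unchanged.
 *
 * @param string $string Submitted text.
 * @return string The input, unchanged, when no banned word was found.
 */
function filter($string){ //Words Filter
    // Filter.php is expected to define $badwords (the word list) in this
    // function's scope. The path is fixed; never derive it from request data.
    include("Filter.php");
    // Without a usable list there is nothing to compare against. The
    // published version ended up returning the input in that case as well.
    if (!isset($badwords) || !is_array($badwords)) {
        return $string;
    }
    foreach ($badwords as $badword) {
        $badword = (string)$badword;
        // An empty needle matches every string on PHP 8 and raises a warning
        // on older versions, so skip blank entries in the list.
        if ($badword === '') {
            continue;
        }
        // stripos() !== false replaces "stristr(...) == true": the loose
        // comparison missed a match whose remaining text was "0".
        if (stripos($string, $badword) !== false) {
            // Single-quoted PHP string so the inner double quotes need no escaping.
            echo '<script language=javascript>alert("警告:你提交的内容含有敏感字眼,请更换内容。");</script>';
            exit;
        }
    }
    return $string;
}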
