简体中文(ZH-CN) English(EN) 繁体中文(ZH-TW) 日本語(JA) 한국어(KO) Melayu(MS) Français(FR) Deutsch(DE)
Home > Backend Development > PHP Tutorial > body text

Perfect PHP anti-SQL injection code_PHP tutorial

WBOY
Release: 2016-07-13 17:10:15
Original
1382 people have browsed it

A relatively perfect PHP anti-SQL injection code. Many beginners have the experience of being SQL injection. Today we will share with you a relatively complete SQL anti-injection code. Students in need can refer to it/

 代码如下 复制代码
/*************************
说明:
判断传递的变量中是否含有非法字符

如$_POST、$_GET
功能:
防注入
*************************/
//要过滤的非法字符
$ArrFiltrate=array("'","or","and","union","where");
//出错后要跳转的url,不填则默认前一页
$StrGoUrl="";
//是否存在数组中的值
function FunStringExist($StrFiltrate,$ArrFiltrate){
foreach ($ArrFiltrate as $key=>$value){
 if (eregi($value,$StrFiltrate)){
   return true;
 }
 }
 return false;
 }
 //合并$_POST 和 $_GET
 if(function_exists(array_merge)){
 $ArrPostAndGet=array_merge($HTTP_POST_VARS,$HTTP_GET_VARS);
 }else{
 foreach($HTTP_POST_VARS as $key=>$value){
 $ArrPostAndGet[]=$value;
 }
 foreach($HTTP_GET_VARS as $key=>$value){
 $ArrPostAndGet[]=$value;
 }
 }
 //验证开始
 foreach($ArrPostAndGet as $key=>$value){
 if (FunStringExist($value,$ArrFiltrate)){
 echo "";
 if (empty($StrGoUrl)){
 echo "";
 }else{
 echo "";
 }
 exit;
 }
 }
 /***************结束防止PHP注入*****************/
 ?>

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/629674.htmlTechArticleA relatively perfect PHP anti-SQL injection code. Many beginners have experience of SQL injection. Today Let us share with you a relatively complete SQL injection prevention code. Students in need can refer to...
Related labels:
php sql code beginner Compare injection beautiful
source:php.cn
Previous article:php stripslashes() and addslashes() usage_PHP tutorial Next article:A very practical PHP verification code class_PHP tutorial
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
Calculate the sum of fields in another table using MySQL SQL query I have a schema like this: User table with attributes "user_id" and "userna...
From 2024-04-06 19:39:29
0
1
441
Status update not working in React-Native on Android I have some code that has pairs of images in a swipeable horizontal gallery. Now when you ...
From 2024-04-06 16:54:10
0
1
410
Why is my hr tag translucent when it is set to a solid color of white? I have a html (with bootstrap) and a css, in my html I have a <hr> tag which has a c...
From 2024-04-06 16:13:26
0
1
500
Align tooltip to relative parent I spent two days trying to solve this problem but I realized I couldn't do it alone. I'm t...
From 2024-04-06 13:16:59
0
2
394
How to insert multiple rows in MySQL table and return new IDs? Normally I can insert a row in a MySQL table and get the last_insert_id. But now, I want t...
From 2024-04-06 10:03:44
0
2
294
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!