Community Learn Tools Library Leisure
search
English
Home > Backend Development > PHP Tutorial > Easy-to-understand PHP anti-injection code_PHP tutorial

Easy-to-understand PHP anti-injection code_PHP tutorial

WBOY
Release: 2016-07-21 15:39:23
Original
928 people have browsed it

Let’s introduce two methods. First, please save the following code as safe.php in the root directory of the website, and then add include(“/safe.php“); in front of each php file:

php anti-injection code method one:

Copy code The code is as follows:

//Illegal characters to be filtered
$ArrFiltrate=array(”'”,”;”,”union”);
//The url to be redirected after an error occurs, if not filled in, the previous page will be defaulted
$StrGoUrl=””;
//Whether there is a value in the array
function FunStringExist($StrFiltrate,$ArrFiltrate){
foreach ($ArrFiltrate as $key=>$value){
if (eregi($value,$StrFiltrate)){
return true;
}
}
return false;
}
//Merge $_POST and $_GET
if(function_exists(array_merge)){
$ArrPostAndGet=array_merge($HTTP_POST_VARS,$HTTP_GET_VARS);
}else{
foreach($HTTP_POST_VARS as $key=>$value){
$ArrPostAndGet[]=$value;
}
foreach($HTTP_GET_VARS as $key=>$value){
$ArrPostAndGet[]=$value;
}
}
//Verification starts
foreach($ArrPostAndGet as $key=>$value){
if (FunStringExist($value,$ArrFiltrate)){
echo “";
if (emptyempty($StrGoUrl)){
echo "”;
}else{
echo “ ";
}
exit;
}
}
?>

php anti-injection code method two:
Copy code The code is as follows:

/* Filter all GET variables*/
foreach ($_GET as $get_key=> ;$get_var)
{
if (is_numeric($get_var)) {
$get[strtolower($get_key)] = get_int($get_var);
} else {
$get [strtolower($get_key)] = get_str($get_var);
}
}
/* Filter all POST variables*/
foreach ($_POST as $post_key=>$post_var )
{
if (is_numeric($post_var)) {
$post[strtolower($post_key)] = get_int($post_var);
} else {
$post[strtolower( $post_key)] = get_str($post_var);
}
}
/* Filter function*/
//Integer filter function
function get_int($number)
{
return intval($number);
}
//String filter function
function get_str($string)
{
if (!get_magic_quotes_gpc()) {
return addslashes($string);
}
return $string;
}

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/321597.htmlTechArticleIntroduce two methods. First, please save the following code as safe.php and place it in the root directory of the website, and then Just add include("/safe.php"); before each php file: PHP anti-injection code method 1...
Related labels:
php introduce code Bundle method injection first
source:php.cn
Previous article:php array_search() function usage_PHP tutorial Next article:Create database php code and use PHP to write your own BLOG system_PHP tutorial
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
Move the content to the left by adding the Width property I have provided margins to the body. main {left margin: 200px; right margin: 200px; text a...
From 2024-04-06 22:01:35
0
3
816
The page suddenly cannot pull css or bootstrap So I'm developing a page, I did part of it yesterday and it worked great, and today I cont...
From 2024-04-06 21:58:04
0
1
800
How to use laravel components with livewire lazy placeholder I want to add the skeleton of my laravel component inside a livewire3 placeholder What I h...
From 2024-04-06 20:02:10
0
2
543
Laravel 8 - How to redirect /{editable_text} route to /{user} route I've been trying to create a redirect route to lead me to a user profile. The redirect rou...
From 2024-04-06 17:26:11
0
1
410
Show hidden side panels: checked I would like to have a navigation menu in the side panel with the ability to switch to vie...
From 2024-04-06 15:49:33
0
1
319
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template