Simple and easy to understand php sql anti-injection code
Release: 2016-07-25 09:03:40
Original
1047 people have browsed it
-
- //Illegal characters to be filtered
- $ArrFiltrate=array("'",";","union");
- //The url to be redirected after an error occurs, if not filled in Default previous page
- $StrGoUrl="";
- //Whether there is a value in the array
- function FunStringExist($StrFiltrate,$ArrFiltrate){
- foreach ($ArrFiltrate as $key=>$value){
- if (eregi ($value,$StrFiltrate)){
- return true;
- }
- }
- return false;
- }
- //Merge $_POST and $_GET
- if(function_exists(array_merge)){
- $ArrPostAndGet=array_merge($HTTP_POST_VARS, $HTTP_GET_VARS);
- }else{
- foreach($HTTP_POST_VARS as $key=>$value){
- $ArrPostAndGet[]=$value;
- }
- foreach($HTTP_GET_VARS as $key=>$value){
- $ArrPostAndGet[]=$value;
- }
- }
- //Verification starts
- foreach($ArrPostAndGet as $key=>$value){
- if (FunStringExist($value,$ArrFiltrate)){
- echo “< script language=”javascript”>alert(“Illegal character”);”;
- if (emptyempty($StrGoUrl)){
- echo “”;
- }else{
- echo “”;
- }
- exit;
- }
- }
- ?>
Copy code
Method 2
-
- /* Filter all GET variables*/
- foreach ($_GET as $get_key=>$get_var)
- {
- if (is_numeric($get_var)) {
- $get[ strtolower($get_key)] = get_int($get_var);
- } else {
- $get[strtolower($get_key)] = get_str($get_var);
- }
- }
- /* Filter all POST variables*/
- foreach ($_POST as $post_key=>$post_var)
- {
- if (is_numeric($post_var)) {
- $post[strtolower($post_key)] = get_int($post_var);
- } else {
- $post[ strtolower($post_key)] = get_str($post_var);
- }
- }
- /* Filter function*/
- //Integer filter function
- function get_int($number)
- {
- return intval($number);
- }
- //String filter function
- function get_str($string)
- {
- if (!get_magic_quotes_gpc()) {
- return addslashes($string);
- }
- return $string;
- }
- ?>
Copy code
|
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
-
2024-10-22 09:46:29
-
2024-10-13 13:53:41
-
2024-10-12 12:15:51
-
2024-10-11 22:47:31
-
2024-10-11 19:36:51
-
2024-10-11 15:50:41
-
2024-10-11 15:07:41
-
2024-10-11 14:21:21
-
2024-10-11 12:59:11
-
2024-10-11 12:17:31