& Amp; quot; perfect & amp; quot; anti-XSS anti-SQL injection code injection
Haha, I 've sent a paragraph before, and then again. the organization thinks that the two codes in this project are very good and can prevent all code attacks and release them here. Crack the attack,
- Function gjj ($ str)
- {
- $ Farr = array (
- "/\ S + /",
- "/<(\\/?) (Script | I? Frame | style | html | body | title | link | meta | object | \\? | \ %) ([^>] *?)> /IsU ",
- "/(<[^>] *) On [a-zA-Z] + \ s * = ([^>] *>)/isU ",
- );
- $ Str = preg_replace ($ farr, "", $ str );
- Return addslashes ($ str );
- }
- Function hg_input_bb ($ array)
- {
- If (is_array ($ array ))
- {
- Foreach ($ array AS $ k => $ v)
- {
- $ Array [$ k] = hg_input_bb ($ v );
- }
- }
- Else
- {
- $ Array = gjj ($ array );
- }
- Return $ array;
- }
- $ _ REQUEST = hg_input_bb ($ _ REQUEST );
- $ _ GET = hg_input_bb ($ _ GET );
- $ _ POST = hg_input_bb ($ _ POST );
|