Filter paging Parameters

Http://101ban.sinaapp.com/guest/show/2 this is a website message board page, show method after the parameter should be a number, but if manually enter some strings, it will lead to database errors, by analyzing the error page error information, you can enter Database SQL commands to operate databases and pose threats to website security. Therefore, not only do you need to filter input information, but many built-in parameters must also be filtered to prevent security issues.

The paging code is as follows:

$ This-> load-> Library ('pagination'); $ config ['base _ url'] = site_url (). '/guest/show'; $ config ['total _ rows'] = $ C; $ config ['per _ page'] = $ pernum = 15; $ config ['uri _ segment '] = 3; $ config ['use _ page_numbers'] = true; $ config ['first _ link'] = 'first page '; $ config ['last _ link'] = 'last page'; $ config ['num _ link'] = 5; $ this-> pagination-> initialize ($ config); If (! $ This-> URI-> segment (3) {$ currentnum = 0;} else {$ currentnum = is_numeric ($ this-> URI-> segment (3 ))? (Intval ($ this-> URI-> segment (3)-1) * $ pernum: 0 ;} $ current_page = is_numeric ($ this-> URI-> segment (3 ))? Intval ($ this-> URI-> segment (3): 1; if ($ current_page) {$ data ['title'] = 'dd '. $ current_page. 'page-message book-first Hongzhi class website of Daye lab High School';} else {$ data ['title'] = 'message book-first Hongzhi class website of Daye lab High School ';} $ data ['liuyan '] = $ this-> LY-> getly ($ pernum, $ currentnum );

Where:

 

$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1;$currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum;

 

The two statements determine whether the parameter is a number. Prevents invalid characters.