Http://bbs.aliyun.com/read/137391.html
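<?php
/**
 * Cloud Physical Examination universal vulnerability protection patch V1.1
 * Update time: 2013-05-25
 * Function: request filter that rejects input resembling XSS, SQL injection,
 * code execution, file inclusion and similar high-risk payloads.
 *
 * The script is meant to run before the application code. It matches the raw
 * query string, the keys and values of $_GET / $_POST / $_COOKIE, and the
 * Referer header against the deny-list patterns below, and ends the request
 * on the first match.
 *
 * Coverage limits a maintainer should know about:
 *  - Only the sources listed above are inspected; uploaded files, the raw
 *    request body and other headers are not.
 *  - The patterns are a deny-list. They are a second layer and do not replace
 *    parameterised queries or context-aware output encoding in the application.
 *  - A PCRE runtime error (for example the backtrack limit being hit on a long
 *    input) makes preg_match() return false, which is treated as "no match",
 *    so the filter fails open for that pattern.
 *
 * NOTE(review): this listing was recovered from a whitespace- and case-damaged
 * copy. The patterns were restored by removing the inserted spaces; two spans
 * in the 'sql' pattern (the benchmark(...) alternative and the "\\(|" joint
 * before "master..sysdatabases") were too damaged to read directly and should
 * be verified against the vendor's original before deployment.
 */

/**
 * Append one entry to log.txt in the document root.
 *
 * NOTE(review): the log lives inside the web root, so it is downloadable unless
 * the server denies access to it, and entries may contain submitted data.
 * Prefer a path outside the document root if the caller can be changed.
 *
 * @param string $log Entry text; CR/LF are replaced so one call writes one line.
 */
function W_log($log)
{
    $logpath = $_SERVER["DOCUMENT_ROOT"] . "/log.txt";
    // Keep attacker-controlled data from forging additional log lines.
    $entry = str_replace(array("\r", "\n"), ' ', (string) $log);
    $log_f = fopen($logpath, "a+");
    if ($log_f === false) {
        // Logging is best-effort: an unwritable log must not break the request.
        return;
    }
    fputs($log_f, $entry . "\r\n");
    fclose($log_f);
}

/**
 * Return the name of the first rule whose pattern matches the value, either as
 * given or in its urlencode()d form; null when no rule matches.
 *
 * @param mixed $str Value to test (cast to string).
 * @param array $v   Map of rule name => PCRE pattern body (no delimiters).
 * @return string|int|null
 */
function _waf_matched_rule($str, $v)
{
    $subject = (string) $str;
    $encoded = urlencode($subject);
    foreach ($v as $rule => $pattern) {
        $regex = "/" . $pattern . "/is";
        // preg_match() yields false on a PCRE error; only an explicit 1 blocks.
        if (preg_match($regex, $subject) === 1 || preg_match($regex, $encoded) === 1) {
            return $rule;
        }
    }
    return null;
}

/**
 * Walk an input array recursively and check every key and every scalar value.
 *
 * @param array $arr Input data, e.g. a superglobal.
 * @param array $v   Map of rule name => PCRE pattern body.
 */
function check_data($arr, $v)
{
    foreach ($arr as $key => $value) {
        // Array keys are always int or string, so they are checked directly.
        check($key, $v);
        if (is_array($value)) {
            check_data($value, $v);
        } else {
            check($value, $v);
        }
    }
}

/**
 * Terminate the request when the value matches any rule.
 *
 * The published patch ships with its W_log() call commented out, so blocked
 * requests are not recorded by default. If logging is enabled, record the
 * client address, time, page, method and the offending value.
 *
 * @param mixed $str Value to test.
 * @param array $v   Map of rule name => PCRE pattern body.
 */
function check($str, $v)
{
    if (_waf_matched_rule($str, $v) === null) {
        return;
    }
    // A 403 lets access logs and monitoring tell blocked requests from normal
    // pages; the response body never echoes the submitted value.
    if (!headers_sent()) {
        header('HTTP/1.1 403 Forbidden');
    }
    print "Your submission with illegal parameters, thank you for your cooperation";
    exit();
}

// Patterns applied to the raw query string.
$url_arr = array(
    'xss' => "\\=\\+\\/v(?:8|9|\\+|\\/)|\\%0acontent\\-(?:id|location|type|transfer\\-encoding)",
);

// Patterns applied to GET/POST/COOKIE keys and values and to the Referer.
$args_arr = array(
    'xss' => "[\\'\\\"\\;\\*\\<\\>].*\\bon[a-zA-Z]{3,15}[\\s\\r\\n\\v\\f]*\\=|\\b(?:expression)\\(|\\<script[\\s\\\\\\/]|\\<\\!\\[cdata\\[|\\b(?:eval|alert|prompt|msgbox)\\s*\\(|url\\((?:\\#|data|javascript)",
    'sql' => "[^\\{\\s]{1}(\\s|\\b)+(?:select\\b|update\\b|insert(?:(\\/\\*.*?\\*\\/)|(\\s)|(\\+))+into\\b).+?(?:from\\b|set\\b)|[^\\{\\s]{1}(\\s|\\b)+(?:create|delete|drop|truncate|rename|desc)(?:(\\/\\*.*?\\*\\/)|(\\s)|(\\+))+(?:table\\b|from\\b|database\\b)|into(?:(\\/\\*.*?\\*\\/)|\\s|\\+)+(?:dump|out)file\\b|\\bsleep\\([\\s]*[\\d]+[\\s]*\\)|benchmark\\(([^\\,]*)\\,([^\\,]*)\\)|(?:declare|set|select)\\b.*@|union\\b.*(?:select|all)\\b|(?:select|update|insert|create|delete|drop|grant|truncate|rename|exec|desc|from|table|database|set|where)\\b.*(charset|ascii|bin|char|uncompress|concat|concat_ws|conv|export_set|hex|instr|left|load_file|locate|mid|sub|substring|oct|reverse|right|unhex)\\(|(?:master\\.\\.sysdatabases|msysaccessobjects|msysqueries|sysmodules|mysql\\.db|sys\\.database_name|information_schema\\.|sysobjects|sp_makewebtask|xp_cmdshell|sp_oamethod|sp_addextendedproc|sp_oacreate|xp_regread|sys\\.dbms_export_extension)",
    'other' => "\\.\\.[\\\\\\/].*\\%00([^0-9a-fA-F]|$)|%00[\\'\\\"\\.]",
);

// Wrap the two single-valued sources in arrays so check_data() can walk them.
$referer = empty($_SERVER['HTTP_REFERER']) ? array() : array($_SERVER['HTTP_REFERER']);
$query_string = empty($_SERVER["QUERY_STRING"]) ? array() : array($_SERVER["QUERY_STRING"]);

check_data($query_string, $url_arr);
check_data($_GET, $args_arr);
check_data($_POST, $args_arr);
check_data($_COOKIE, $args_arr);
check_data($referer, $args_arr);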