This article describes how to filter SQL injection by $ _ GET and $ _ POST in php, including the addslashes_deep function and array operation method. it is a very useful technique, for more information about how to filter SQL injection in php, see $ _ GET and $ _ POST. The specific analysis is as follows:
This function can only filter sensitive SQL commands, such as id = 1, you still need to simply filter.
The main implementation code is as follows:
The code is as follows:
If (! Get_magic_quotes_gpc ())
{
If (! Empty ($ _ GET ))
{
$ _ GET = addslashes_deep ($ _ GET );
}
If (! Empty ($ _ POST ))
{
$ _ POST = addslashes_deep ($ _ POST );
}
$ _ COOKIE = addslashes_deep ($ _ COOKIE );
$ _ REQUEST = addslashes_deep ($ _ REQUEST );
}
Function addslashes_deep ($ value)
{
If (empty ($ value ))
{
Return $ value;
}
Else
{
Return is_array ($ value )? Array_map ('addslashes _ deep ', $ value): addslashes ($ value );
}
}
I hope this article will help you with PHP programming.