PHP security detection code snippet (share ). The code for copying the code is as follows: *** html conversion output (only escape and keep Html running properly) * @ param $ param * @ returnstring * functionhtmlEscape ($ param) {returntrim (htmlspecialch
The code is as follows:
/**
* Html conversion output (only Escape '"to keep Html running properly)
* @ Param $ param
* @ Return string
*/
Function htmlEscape ($ param ){
Return trim (htmlspecialchars ($ param, ENT_QUOTES ));
}
/**
* Array or not (check whether there are values in the array at the same time)
* @ Param $ params
* @ Return boolean
*/
Function isArray ($ params ){
Return (! Is_array ($ params) |! Count ($ params ))? False: true;
}
/**
* Whether the variable exists in the array (Parameter error tolerance, whether the string exists in the array)
* @ Param $ param
* @ Param $ params
* @ Return boolean
*/
Function inArray ($ param, $ params ){
Return (! In_array (string) $ param, (array) $ params ))? False: true;
}
/**
* Common multi-type mixed escape functions
* @ Param $ var
* @ Param $ strip
* @ Param $ isArray
* @ Return mixture
*/
Function sqlEscape ($ var, $ strip = true, $ isArray = false ){
If (is_array ($ var )){
If (! $ IsArray) return "''";
Foreach ($ var as $ key => $ value ){
$ Var [$ key] = trim (S: sqlEscape ($ value, $ strip ));
}
Return $ var;
} Elseif (is_numeric ($ var )){
Return "'". $ var ."'";
} Else {
Return "'". addslashes ($ strip? Stripslashes ($ var): $ var )."'";
}
}
/**
* Get Server variables
* @ Param $ keys
* @ Return string
*/
Function getServer ($ keys ){
$ Server = array ();
$ Array = (array) $ keys;
Foreach ($ array as $ key ){
$ Server [$ key] = NULL;
If (isset ($ _ SERVER [$ key]) {
$ Server [$ key] = str_replace (array ('<', '>', '"'," '",' % 3C ',' % 3E ', '% 22',' % 27', '% 3c', '% 3e'), '', $ _ SERVER [$ key]);
}
}
Return is_array ($ keys )? $ Server: $ server [$ keys];
}
/**
* Variable escape
* @ Param $ array
*/
Function slashes (& $ array ){
If (is_array ($ array )){
Foreach ($ array as $ key => $ value ){
If (is_array ($ value )){
S: slashes ($ array [$ key]);
} Else {
$ Array [$ key] = addslashes ($ value );
}
}
}
}
/**
* Directory conversion
* @ Param unknown_type $ dir
* @ Return string
*/
Function escapeDir ($ dir ){
$ Dir = str_replace (array ("'",' # ',' = ', ''',' $ ',' % ','&',';'), '', $ dir );
Return rtrim (preg_replace ('/(\/) {2,} | (\) {1,}/', '/', $ dir ), '/');
}
/**
* General multi-type conversion
* @ Param $ mixed
* @ Param $ isint
* @ Param $ istrim
* @ Return mixture
*/
Function escapeChar ($ mixed, $ isint = false, $ istrim = false ){
If (is_array ($ mixed )){
Foreach ($ mixed as $ key => $ value ){
$ Mixed [$ key] = S: escapeChar ($ value, $ isint, $ istrim );
}
} Elseif ($ isint ){
$ Mixed = (int) $ mixed;
} Elseif (! Is_numeric ($ mixed) & ($ istrim? $ Mixed = trim ($ mixed): $ mixed) & $ mixed ){
$ Mixed = S: escapeStr ($ mixed );
}
Return $ mixed;
}
/**
* Character conversion
* @ Param $ string
* @ Return string
*/
Function escapeStr ($ string ){
$ String = str_replace (array ("\ 0", "% 00", "\ r"), '', $ string); // modified @ 2010-7-5
$ String = preg_replace (array ('/[\ x00-\ x08 \ x0B \ x0C \ x0E-\ x1F]/', '/& (?! (# [0-9] + | [a-z] +);)/is '), array ('',' & '), $ string );
$ String = str_replace (array ("% 3C", '<'), '<', $ string );
$ String = str_replace (array ("% 3E", '>'), '>', $ string );
$ String = str_replace (array ('"'," '"," \ t ",''), array ('"',''','', ''), $ string );
Return $ string;
}
/**
* Variable check
* @ Param $ var
*/
Function checkVar (& $ var ){
If (is_array ($ var )){
Foreach ($ var as $ key => $ value ){
S: checkVar ($ var [$ key]);
}
} Elseif (P_W! = 'Admincp '){
$ Var = str_replace (array ('.. ',') ',' <',' = '), array ('.. ',') ',' <',' = '), $ var );
} Elseif (str_replace (array (' Global $ basename;
$ Basename = 'javascript: history. go (-1 );';
Adminmsg ('Word _ error ');
}
}
The http://www.bkjia.com/PHPjc/328003.htmlwww.bkjia.comtruehttp://www.bkjia.com/PHPjc/328003.htmlTechArticle code is as follows:/*** html conversion output (only Escape '"keep Html running normally) * @ param $ param * @ return string */function htmlEscape ($ param) {return trim (htmlspecialch...