This page provides PHP developers with PHP code for SQL anti-injection checks, character filtering, and various other filtering routines.
/// = Automatic anti-injection filtering [reduces program efficiency when enabled] ====================== ========================================================== ======================================
/*
Function inject_checks ($ SQL _str) {return eregi ('select | insert | update | delete | '|/* | .. /|. /| union | into | load_file | outfile ', $ SQL _str );}
Foreach ($ _ REQUEST as $ value) {if (inject_checks ($ value) {echo "<script language = javascript> alert ('your submitted data is invalid, please check and submit again! '); </Script> "; exit ;}}
*/
// = [Inject_check ($ SQL _str)] ========================================================== ========================================================== ============
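/**
 * Reject a request value that contains an SQL keyword from a fixed deny-list.
 *
 * The match is a case-insensitive substring search, so ordinary text that
 * happens to contain "update" or "into" is rejected as well. When a keyword
 * is found the function prints a JavaScript alert and terminates the script;
 * otherwise the value is returned unchanged.
 *
 * NOTE(review): a keyword deny-list performs no quoting or escaping, so the
 * returned value is not safe to concatenate into an SQL statement. Queries
 * built from it should still use prepared statements with bound parameters.
 * The function expects a string; array-valued request parameters are not
 * handled here and must be dealt with by the caller.
 *
 * @param string $sql_str Value taken from the request.
 * @return string The same value, when no keyword matched.
 */
function inject_check($sql_str)
{
    // eregi() was removed in PHP 7.0; preg_match() with the /i modifier keeps
    // the same case-insensitive "contains any of these words" semantics.
    if (preg_match('/select|insert|update|delete|union|into|load_file|outfile/i', $sql_str)) {
        echo "<script language=javascript>alert('the data you submitted is invalid. Check it and submit it again!');</script>";
        exit;
    }

    return $sql_str;
}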
// = Character filtering [safe_convert ($ string)] ========================================================== ==============================================
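/**
 * Rewrite backslashes, tabs and spaces in a submitted string as HTML entities.
 *
 * Two paths exist, selected by the legacy magic_quotes_gpc setting:
 *   - magic quotes on  : the value is HTML-encoded with htmlspecialchars()
 *                        (quotes included) and backslashes become "&#92;".
 *   - magic quotes off : the value is passed through addslashes() and every
 *                        backslash, including the ones just added, becomes
 *                        "&#92;".
 *
 * NOTE(review): magic quotes no longer exist from PHP 5.4 on, so the second
 * path is the one that runs today. On that path "<", ">", "&" and both quote
 * characters are left as they are: the backslash that addslashes() puts in
 * front of a quote is turned into "&#92;", which leaves the quote itself
 * unescaped. The result is therefore neither HTML-encoded nor SQL-escaped.
 * Encode with htmlspecialchars() when writing it into a page and use bound
 * parameters when storing it.
 *
 * @param string $string Submitted text.
 * @return string The converted text.
 */
function safe_convert($string)
{
    // get_magic_quotes_gpc() always returns false from PHP 5.4 and was removed
    // in PHP 8.0, so it is only consulted on runtimes where it can be true.
    $magic_quotes_on = PHP_VERSION_ID < 50400 && get_magic_quotes_gpc();

    if ($magic_quotes_on) {
        // Input already carries backslashes added by magic quotes.
        $string = htmlspecialchars($string, ENT_QUOTES); // "&" -> "&amp;", quotes -> entities
        $string = str_replace("<", "&lt;", $string);
        $string = str_replace(">", "&gt;", $string);
        $string = str_replace("\\", '&#92;', $string);
    } else {
        $string = addslashes($string); // add the backslashes magic quotes would have added
        // $string = stripslashes($string); // remove the backslashes
        $string = str_replace("\\", '&#92;', $string);
    }

    // $string = str_replace("\r", "<br/>", $string); // line feed
    // $string = str_replace("\n", "", $string);
    $string = str_replace("\t", "&nbsp;", $string); // tab -> non-breaking space
    // NOTE(review): the search string is empty in the page as extracted; a
    // single space is assumed from the trailing "Space" comment -- confirm
    // against the original source.
    $string = str_replace(" ", "&nbsp;", $string);
    // $string = str_replace('|', '&#124;', $string); // conflicts with the classification system

    // Undo the double encoding of the two entities that htmlspecialchars()
    // would otherwise leave as "&amp;#96;" and "&amp;#92;".
    $string = str_replace("&amp;#96;", "&#96;", $string);
    $string = str_replace("&amp;#92;", "&#92;", $string);

    return $string;
}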
// = [Unsafe_convert ($ string)] ========================================================== ==============================================
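/**
 * Drop the encoded backslash that precedes an encoded double quote.
 *
 * Replaces every "&#92;&quot;" with "&quot;". Nothing else is changed: no
 * entity is decoded, so despite the name the result is still entity-encoded
 * text and not the raw submitted value.
 *
 * @param string $string Text containing "&#92;&quot;" sequences.
 * @return string The text with those sequences shortened to "&quot;".
 */
function unsafe_convert($string)
{
    // The result is assigned back to the variable that is returned; PHP
    // variable names are case-sensitive, so a differently-cased name here
    // would silently discard the replacement.
    $string = str_replace("&#92;&quot;", "&quot;", $string);

    return $string;
}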
// = Character filtering [filter ($ string)] ========================================================== ========================================================== ================
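/**
 * Stop the request when the text contains a word from the project word list.
 *
 * The list is read from Filter.php, which is expected to define $badwords as
 * an array of strings. Matching is a case-insensitive substring search. On a
 * match the function prints a JavaScript alert and terminates the script;
 * otherwise the text is returned unchanged.
 *
 * NOTE(review): include only warns when Filter.php cannot be loaded, so a
 * missing or broken list means no filtering at all (fail-open). Consider
 * require if the filter is meant to be mandatory. This is a content filter
 * only; it does no escaping or encoding of the returned text.
 *
 * @param string $string Submitted text.
 * @return string The same text, when no listed word was found.
 */
function filter($string)
{
    include("Filter.php"); // word filter list, expected to set $badwords

    if (!isset($badwords) || !is_array($badwords)) {
        return $string;
    }

    foreach ($badwords as $badword) {
        // An empty entry would match every string on PHP 8, so it is skipped.
        if ($badword === '' || $badword === null) {
            continue;
        }
        // stripos() !== false instead of stristr() == true: stristr() returns
        // the matched tail of the string, and a tail of "0" compares as false,
        // which would let that match slip through.
        if (stripos($string, (string) $badword) !== false) {
            echo "<script language=javascript>alert('Warning: Your submitted content contains sensitive words. Please change the content.');</script>";
            exit;
        }
    }

    return $string;
}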