- /**
- * Batch filter Post,get sensitive data
- * by bbs.it-home.org
- */
- if (GET_MAGIC_QUOTES_GPC ()) {
- $_get = Stripslashes_array ($_get);
- $_post = Stripslashes_array ($_post);
- }
- Function Stripslashes_array (& $array) {
- while (list ($key, $var) = each ($array)) {
- if ($key! = ' argc ' && $key! = ' argv ' && (Strtoupper ($key)! = $key | | ". Intval ($key) = =" $key ")) {
- if (is_string ($var)) {
- $array [$key] = stripslashes ($var);
- }
- if (Is_array ($var)) {
- $array [$key] = Stripslashes_array ($var);
- }
- }
- }
- return $array;
- }
- //--------------------------
- Replace HTML footer tags for filtering services
- //--------------------------
- function Lib_replace_end_tag ($STR)
- {
- if (empty ($STR)) return false;
- $str = Htmlspecialchars ($STR);
- $str = Str_replace ('/', "", $str);
- $str = str_replace ("\ \", "", $str);
- $str = Str_replace (">", "", $str);
- $str = Str_replace ("<", "", $str);
- $str = Str_replace ("", "" ", $str);
- $str = Str_replace ("", "" ", $str);
- $str =str_replace ("Select", "select", $str);
- $str =str_replace ("Join", "join", $STR);
- $str =str_replace ("union", "union", $STR);
- $str =str_replace ("where", "where", $str);
- $str =str_replace ("Insert", "Insert", $STR);
- $str =str_replace ("delete", "delete", $str);
- $str =str_replace ("Update", "Update", $STR);
- $str =str_replace ("like", "like", $STR);
- $str =str_replace ("Drop", "drop", $str);
- $str =str_replace ("Create", "create", $STR);
- $str =str_replace ("Modify", "Modify", $str);
- $str =str_replace ("rename", "Rename", $str);
- $STR =str_replace ("Alter", "Alter", $STR);
- $str =str_replace ("cas", "cast", $STR);
- $str =str_replace ("&", "&", $STR);
- $str =str_replace (">", ">", $str);
- $str =str_replace ("<", "<", $str);
- $str =str_replace ("", Chr (+), $str);
- $str =str_replace ("", Chr (9), $STR);
- $str =str_replace ("", Chr (9), $STR);
- $str =str_replace ("&", CHR, $STR);
- $str =str_replace ("'", Chr (), $STR);
- $str =str_replace ("
, Chr (+), $str);
- $str =str_replace ("'" "," ' ", $str);
- $str =str_replace ("CSS", "'", $str);
- $str =str_replace ("CSS", "'", $str);
- return $str;
- }
Copy Code |