Function code:
PHP: batch-filter sensitive data in POST and GET input
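// Undo magic-quotes escaping on the request data so values are not escaped
// twice later. This is NOT sanitisation: the data is still untrusted and must
// be bound as query parameters / encoded for its output context where it is used.
// Magic quotes were removed in PHP 5.4 and get_magic_quotes_gpc() itself in
// PHP 8.0, so check that the function exists before calling it.
// The superglobals are $_GET / $_POST; PHP variable names are case-sensitive.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $_GET  = stripslashes_array($_GET);
    $_POST = stripslashes_array($_POST);
}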
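/**
 * Recursively remove backslash escaping from every string value in an array.
 *
 * Keys named 'argc' or 'argv', and keys written entirely in upper case that
 * are not integers, are left untouched. Nested arrays are processed the same way.
 *
 * This only reverses magic-quotes escaping; it does not make the values safe
 * for SQL, HTML or shell use.
 *
 * @param array $array Array to clean; taken by reference and modified in place.
 * @return array The same array after unescaping.
 */
function stripslashes_array(&$array) {
    // Anything that is not an array has no keys to walk; hand it back unchanged.
    if (!is_array($array)) {
        return $array;
    }
    // foreach replaces while(list() = each()): each() was removed in PHP 8.0.
    foreach ($array as $key => $var) {
        // Compare the key as a string. With a loose comparison, integer key 0
        // equals 'argc' on PHP 7 and the first list element would be skipped.
        $name = (string) $key;
        if ($name === 'argc' || $name === 'argv') {
            continue;
        }
        // Same test as the original: process mixed/lower-case keys and integer
        // keys, skip all-upper-case names. Both operands are strings, so the
        // loose == keeps the original numeric-string comparison.
        if (strtoupper($name) != $name || (string) intval($name) == $name) {
            if (is_string($var)) {
                $array[$key] = stripslashes($var);
            }
            if (is_array($var)) {
                $array[$key] = stripslashes_array($var);
            }
        }
    }
    return $array;
}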
Filter
/**
 * Trim a string and pass it through a fixed sequence of str_replace() calls
 * covering HTML metacharacters, whitespace/control characters and a list of
 * SQL/script keywords, then return the result.
 *
 * Returns nothing (null) when empty($STR) is true; note that empty() is also
 * true for the string "0".
 *
 * NOTE(review): as shown, many calls have identical search and replacement
 * text (e.g. "&" => "&"). Presumably the replacements were HTML entities that
 * were decoded when the page was rendered - confirm against the original
 * listing before using this code.
 * NOTE(review): the listing mixes $STR and $str, writes "= =" for a comparison
 * and has unbalanced parentheses around CHR. PHP variable names are
 * case-sensitive, so this does not run as printed.
 *
 * Security: str_replace() is case-sensitive, so only the exact spellings
 * listed below are rewritten. Keyword rewriting is not a defence against SQL
 * injection; bind values as query parameters, and encode for HTML with
 * htmlspecialchars() at output time.
 */
function HTMLEncode ($STR) {
if (empty ($STR)) return;
if ($str = = "") return $str;
$str =trim ($STR);
// HTML metacharacters and whitespace/control characters.
$str =str_replace ("&", "&", $STR);
$str =str_replace (">", ">", $str);
$str =str_replace ("<", "<", $str);
$str =str_replace (CHR), "", $str);
$str =str_replace (Chr (9), "", $str);
$str =str_replace (Chr (9), "", $str);
$str =str_replace (CHR), "&", $STR);
$str =str_replace (CHR), "'", $str);
$str =str_replace (Chr (13), "
", $STR);
$str =str_replace ("'", "'", $str);
// Keyword substitutions (exact-case matches only).
$str =str_replace ("Select", "select", $str);
$str =str_replace ("script", "script", $STR);
$str =str_replace ("script", "script", $STR);
$str =str_replace ("Join", "join", $STR);
$str =str_replace ("union", "union", $STR);
$str =str_replace ("where", "where", $str);
$str =str_replace ("Insert", "Insert", $STR);
$str =str_replace ("delete", "delete", $str);
$str =str_replace ("Update", "Update", $STR);
$str =str_replace ("like", "like", $STR);
$str =str_replace ("Drop", "drop", $str);
$str =str_replace ("Create", "create", $STR);
$str =str_replace ("Modify", "Modify", $str);
$str =str_replace ("rename", "Rename", $str);
$STR =str_replace ("Alter", "Alter", $STR);
$str =str_replace ("Cast", "CAS", $str);
return $str;
}
Decoding
/**
 * Apply a fixed sequence of str_replace() calls to a string and return it:
 * first a list of SQL keywords, then HTML metacharacters and
 * whitespace/control characters.
 *
 * Returns nothing (null) when empty($STR) is true; empty() is also true for
 * the string "0".
 *
 * NOTE(review): presumably this is meant to reverse HTMLEncode(), but the
 * search strings shown here are identical to their replacements or empty, so
 * the mapping cannot be read from this listing - confirm against the original.
 * NOTE(review): $STR/$str are mixed, "= =" is written for a comparison, and
 * several Chr() arguments and string quotes are damaged; this does not run as
 * printed.
 *
 * Security: decoding stored data back to raw markup returns it to an unsafe
 * form; the result still needs htmlspecialchars() before being echoed into a
 * page.
 */
function HtmlDecode ($STR) {
if (empty ($STR)) return;
if ($str = = "") return $str;
// Keyword substitutions (exact-case matches only, str_replace is case-sensitive).
$str =str_replace ("Select", "select", $str);
$str =str_replace ("Join", "join", $STR);
$str =str_replace ("union", "union", $STR);
$str =str_replace ("where", "where", $str);
$str =str_replace ("Insert", "Insert", $STR);
$str =str_replace ("delete", "delete", $str);
$str =str_replace ("Update", "Update", $STR);
$str =str_replace ("like", "like", $STR);
$str =str_replace ("Drop", "drop", $str);
$str =str_replace ("Create", "create", $STR);
$str =str_replace ("Modify", "Modify", $str);
$str =str_replace ("rename", "Rename", $str);
$STR =str_replace ("Alter", "Alter", $STR);
$str =str_replace ("cas", "cast", $STR);
$str =str_replace ("&", "&", $STR);
$str =str_replace (">", ">", $str);
$str =str_replace ("<", "<", $str);
$str =str_replace ("", Chr (+), $str);
$str =str_replace ("", Chr (9), $STR);
$str =str_replace ("", Chr (9), $STR);
$str =str_replace ("&", CHR, $STR);
$str =str_replace ("'", Chr (), $STR);
$str =str_replace ("
, Chr (+), $str);
$str =str_replace ("'" "," ' ", $str);
return $str;
}
Function: String_filter ($string, $match _type=1)
Function: Filter illegal content
Parameters:
$string the string to check
$match _type Match type, 1 for exact match, 2 for Fuzzy match, default to 1
//
Returns: true if illegal content is found, false if no illegal content is found
Other: the illegal keyword lists are stored in TXT files, split into two lists: common illegal keywords and serious illegal keywords
Author: Heiyeluren
Date: 2006-1-18
//
//======================================================================
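/**
 * Check a string against the keyword lists stored in two text files.
 *
 * @param string $string     The string to check.
 * @param int    $match_type 1 = exact match against the common list (default),
 *                           2 = fuzzy match against the common and important lists.
 * @return bool true when a listed keyword is found, false otherwise. false is
 *              also returned for an empty string, an unknown $match_type, or
 *              when a list file is missing or unreadable.
 */
function Lib_lawless_string_filter($string, $match_type = 1)
{
    // An empty string has nothing to match, so it is reported as clean.
    // Compare with '' instead of empty(): empty("0") is true and would let the
    // string "0" skip the check.
    $string = trim((string) $string);
    if ($string === '')
    {
        return false;
    }

    // Keyword list files. The paths are relative, so they resolve against the
    // current working directory; keep the files outside the web root.
    $common_file  = "Common_list.txt";   // list of generic filter keywords
    $signify_file = "Signify_list.txt";  // list of important filter keywords

    // A missing list switches the filter off (everything is reported clean).
    // Keep that return value for callers, but raise a warning so the failure
    // shows up in logs instead of passing silently.
    if (!file_exists($common_file) || !file_exists($signify_file))
    {
        trigger_error('Keyword list file missing; content filter is inactive', E_USER_WARNING);
        return false;
    }

    // Read one keyword per line and drop blank lines: an empty keyword would
    // match every input in the fuzzy matcher.
    $common_list  = file($common_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    $signify_list = file($signify_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    if ($common_list === false || $signify_list === false)
    {
        trigger_error('Keyword list file unreadable; content filter is inactive', E_USER_WARNING);
        return false;
    }

    // Initialised so an unknown $match_type yields false without reading an
    // undefined variable.
    $is_lawless = false;

    // Exact match
    if ($match_type == 1)
    {
        $is_lawless = Exact_match($string, $common_list);
    }

    // Fuzzy match
    if ($match_type == 2)
    {
        $is_lawless = Blur_match($string, $common_list, $signify_list);
    }

    // The matchers return a non-empty array of hits, or false.
    return is_array($is_lawless) && !empty($is_lawless);
}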
//---------------------
Exact Match for filtering services
//---------------------
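/**
 * Exact (case-insensitive) match of a string against the common keyword list.
 *
 * @param string $string      The string to check; it is trimmed and passed
 *                            through Lib_replace_end_tag() before comparison.
 * @param array  $common_list Keyword lines as read from the list file.
 * @return array|false Unique list entries equal to the string, or false when
 *                     there is no match.
 */
function Exact_match($string, $common_list)
{
    $string = trim($string);
    $string = Lib_replace_end_tag($string);

    // Lib_replace_end_tag() returns false for empty input; an empty pattern
    // would otherwise match blank lines in the list.
    if ($string === false || $string === '')
    {
        return false;
    }

    // $string is caller-supplied text: quote it so it is compared literally
    // and cannot alter or break the regular expression.
    $pattern = '/^' . preg_quote($string, '/') . '$/i';

    // Collect matching entries from the common keyword list.
    $blist = array();
    foreach ($common_list as $block)
    {
        $block = trim($block);
        if (preg_match($pattern, $block))
        {
            $blist[] = $block;
        }
    }

    // Report the hits, or false when nothing matched.
    if (!empty($blist))
    {
        return array_unique($blist);
    }
    return false;
}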
//----------------------
Fuzzy matching for filtering services
//----------------------
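/**
 * Fuzzy match of a string against both keyword lists.
 *
 * The common list is matched as in Exact_match() (whole string,
 * case-insensitive). Each entry of the important list is searched for
 * anywhere inside the string, case-insensitively.
 *
 * @param string $string       The string to check; it is trimmed and passed
 *                             through Lib_replace_end_tag() before comparison.
 * @param array  $common_list  Common keyword lines as read from the list file.
 * @param array  $signify_list Important keyword lines as read from the list file.
 * @return array|false Unique list entries that matched, or false when there is
 *                     no match.
 */
function Blur_match($string, $common_list, $signify_list)
{
    $string = trim($string);
    // Length is taken before normalisation, as in the original listing.
    $s_len  = strlen($string);
    $string = Lib_replace_end_tag($string);

    // Lib_replace_end_tag() returns false for empty input; nothing to match.
    if ($string === false || $string === '')
    {
        return false;
    }

    $blist = array();

    // Common keywords: whole-string comparison. $string is caller-supplied
    // text, so quote it before it goes into the pattern.
    $pattern = '/^' . preg_quote($string, '/') . '$/i';
    foreach ($common_list as $block)
    {
        $block = trim($block);
        if (preg_match($pattern, $block))
        {
            $blist[] = $block;
        }
    }

    // Important keywords: substring search. List entries are treated as
    // literal keywords. Blank entries are skipped because an empty pattern
    // matches every input. The modifier is lower-case "i"; "I" is not a valid
    // PCRE modifier in PHP.
    foreach ($signify_list as $block)
    {
        $block = trim($block);
        if ($block === '')
        {
            continue;
        }
        if ($s_len >= strlen($block) && preg_match('/' . preg_quote($block, '/') . '/i', $string))
        {
            $blist[] = $block;
        }
    }

    // Report the hits, or false when nothing matched.
    if (!empty($blist))
    {
        return array_unique($blist);
    }
    return false;
}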
//--------------------------
Replace HTML footer tags for filtering services
//--------------------------
/**
 * Normalise a string before it is compared with the keyword lists: run it
 * through htmlspecialchars(), then a fixed sequence of str_replace() calls,
 * and return the result. Returns false when empty($STR) is true (which
 * includes the string "0").
 *
 * The first replacements remove '/' and what is presumably a backslash
 * (printed as "\ \"), followed by several entries whose search strings are
 * not legible in this listing. The later part repeats the keyword and
 * character replacement list that also appears in HtmlDecode().
 *
 * Everything after "return $str;" is unreachable; it holds a commented-out
 * list of closing HTML tags kept as a possible extension.
 *
 * NOTE(review): search strings shown as "" and the entries around Chr() look
 * damaged by page rendering, $STR/$str are mixed, and several quotes are
 * unbalanced - confirm against the original listing; this does not run as
 * printed.
 * NOTE(review): htmlspecialchars() is called without flags, so single-quote
 * handling depends on the PHP version's default (ENT_QUOTES is the default
 * only from PHP 8.1).
 *
 * Security: this is a normaliser for keyword comparison, not an output
 * encoder or SQL escaper; do not rely on it to make input safe to store or
 * display.
 */
function Lib_replace_end_tag ($STR)
{
if (empty ($STR)) return false;
$str = Htmlspecialchars ($STR);
$str = Str_replace ('/', "", $str);
$str = str_replace ("\ \", "", $str);
$str = Str_replace (">", "", $str);
$str = Str_replace ("<", "", $str);
$str = Str_replace ("", "" ", $str);
$str = Str_replace ("", "" ", $str);
$str =str_replace ("Select", "select", $str);
$str =str_replace ("Join", "join", $STR);
$str =str_replace ("union", "union", $STR);
$str =str_replace ("where", "where", $str);
$str =str_replace ("Insert", "Insert", $STR);
$str =str_replace ("delete", "delete", $str);
$str =str_replace ("Update", "Update", $STR);
$str =str_replace ("like", "like", $STR);
$str =str_replace ("Drop", "drop", $str);
$str =str_replace ("Create", "create", $STR);
$str =str_replace ("Modify", "Modify", $str);
$str =str_replace ("rename", "Rename", $str);
$STR =str_replace ("Alter", "Alter", $STR);
$str =str_replace ("cas", "cast", $STR);
$str =str_replace ("&", "&", $STR);
$str =str_replace (">", ">", $str);
$str =str_replace ("<", "<", $str);
$str =str_replace ("", Chr (+), $str);
$str =str_replace ("", Chr (9), $STR);
$str =str_replace ("", Chr (9), $STR);
$str =str_replace ("&", CHR, $STR);
$str =str_replace ("'", Chr (), $STR);
$str =str_replace ("
, Chr (+), $str);
$str =str_replace ("'" "," ' ", $str);
$str =str_replace ("CSS", "'", $str);
$str =str_replace ("CSS", "'", $str);
return $str;
HTML tags, which can be filtered as extensions
/*
$tags = Array ("/html", "/head", "/body", "/div", "/span", "/doctype", "/title", "/link", "/meta", "/style", "/P", "/h1,", "/h2,", "/h3,", "/h4,", "/h5,", "/h6", "/strong", "/em", "/abbr", "/acronym", "/address", "/bdo", "/blockquote", "/cite", "/q", "/code", "/ins", "/del", "/DFN", "/kbd", "/pre", "/samp", "/var", "/br", "/A", "/img", "/area", "/map", "/object", " /param ","/ul ","/ol ","/li ","/dl ","/dt ","/dd ","/table ","/tr ","/td ","/th ","/tbody ","/thead ","/tfoot ","/col ","/ Colgroup ","/caption ","/form ","/input ","/textarea ","/select ","/option ","/optgroup ","/button ","/label ","/ FieldSet ","/legend ","/script ","/noscript ","/b ","/I ","/tt ","/sub ","/sup ","/big ","/small ","/hr ");
*/
}
Code:
To use it, call htmlspecialchars() directly on the request value, like this:
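// HTML-encode one POST field for output in an HTML context.
// The superglobal is $_POST (variable names are case-sensitive) and the key is
// 'xxx' without padding. A missing field, or an array sent as xxx[]=..., yields ''.
// ENT_QUOTES also encodes single quotes, which the default flags before PHP 8.1
// leave unchanged. This is output encoding only; it does not make the value
// safe to place in an SQL statement.
$xxx = (isset($_POST['xxx']) && is_string($_POST['xxx']))
    ? htmlspecialchars($_POST['xxx'], ENT_QUOTES, 'UTF-8')
    : '';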
Or
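// HTML-encode one GET field for output in an HTML context.
// The superglobal is $_GET (variable names are case-sensitive) and the key is
// 'xxx' without padding. A missing field, or an array sent as xxx[]=..., yields ''.
// ENT_QUOTES also encodes single quotes, which the default flags before PHP 8.1
// leave unchanged. This is output encoding only; it does not make the value
// safe to place in an SQL statement.
$xxx = (isset($_GET['xxx']) && is_string($_GET['xxx']))
    ? htmlspecialchars($_GET['xxx'], ENT_QUOTES, 'UTF-8')
    : '';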