PHP for URL Security filtering processing
Preg_match_all ('/([0-9]) = ([\%\+\-\.\/0-9\=a-z\_]+)/I ', $_server[' query_string '], $_get); $_get = ($_get? array_ Combine ($_get, $_get): Array ()) + array_fill (0, 10, ");
Now your $_get only accept the 0-9 setting of course these URLs are safe.
? 0=123&1=456 illegal url&2=789 "and Xxx=1&3=0abc&4=base64_code&5=urlencode
An acceptable URL [\%\+\-\.\/0-9\=a-z\_]+
Can understand the put, and has set the non-existent setting to NULL to prevent errors
Usually Isset ($_get) can be changed to $_get no warning message
I've already set the $_get 0-9 nonexistent.
Ah, some people say that direct variables do not have a warning message?? I..
EXPLANATION No warning message does not indicate that no warning message was generated
Set the highest error reporting level in front
Do you have a look? And I did a solid and speed test on PHP error messages.
See PHP explaining why to use Isset ()