PHP for URL Security filtering processing
Preg_match_all ('/([0-9]) = ([\%\+\-\.\/0-9\=a-z\_]+)/I ', $_server[' query_string '], $_get); $_get = ($_get[0]? array_ Combine ($_get[1], $_get[2]): Array ()) + array_fill (0, 10, ");
Now your $_get only accept the 0-9 setting of course these URLs are safe.
? 0=123&1=456 illegal url&2=789 "and Xxx=1&3=0abc&4=base64_code&5=urlencode
Look
An acceptable URL [\%\+\-\.\/0-9\=a-z\_]+
Can understand the put, and has set the non-existent setting to NULL to prevent errors
Usually Isset ($_get[0]) can be changed to $_get[0] no warning message
I've already set the $_get 0-9 nonexistent.
Ah, some people say that direct variables do not have a warning message?? I..
EXPLANATION No warning message does not indicate that no warning message was generated
Set the highest error reporting level in front
Error_reporting (8191);
Do you have a look? And I did a solid and speed test on PHP error messages.
See PHP explaining why to use Isset ()