The code is as follows:
function Jk1986_checksql()
{
    // Blacklisted substrings, separated by "|"
    $bad_str = "and|select|update|'|delete|insert|*";
    $bad_array = explode("|", $bad_str);
    /** Filter GET parameters **/
    foreach ($bad_array as $bad_a)
    {
        foreach ($_GET as $g)
        {
            // Case-insensitive substring match against the blacklist
            if (substr_count(strtolower($g), $bad_a) > 0)
            {
                echo "<script>alert('Suspicious character, please do not try to inject this site! Author: Jk1986 qq:414028660');location.href='index.php';</script>";
                exit();
            }
        }
    }
    /** Filter POST parameters **/
    foreach ($bad_array as $bad_a)
    {
        foreach ($_POST as $p)
        {
            if (substr_count(strtolower($p), $bad_a) > 0)
            {
                echo "<script>alert('Suspicious character, please do not try to inject this site! Author: Jk1986 qq:414028660');location.href='index.php';</script>";
                exit();
            }
        }
    }
    /** Filter COOKIE parameters **/
    foreach ($bad_array as $bad_a)
    {
        foreach ($_COOKIE as $co)
        {
            if (substr_count(strtolower($co), $bad_a) > 0)
            {
                echo "<script>alert('Suspicious character, please do not try to inject this site! Author: Jk1986 qq:414028660');location.href='index.php';</script>";
                exit();
            }
        }
    }
}
It follows the same idea as the ASP and ASP.NET versions: the purpose is to let lazy people work more efficiently. Bye!
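
An added example, not part of the original post: the same blacklist as a pure function next to a parameterized PDO query, showing that the substring filter rejects legitimate values such as "Anderson" while bound parameters treat every input as data. The users table, the helper names blacklist_hit and find_user, the sample inputs and the in-memory SQLite database (needs the pdo_sqlite extension) are assumptions made for illustration.

```php
<?php
// Added example, not the original author's code. Table, helper names and
// sample inputs are constructed for illustration.

// The page's blacklist as a pure function (same list, same substring match).
function blacklist_hit(string $value): bool
{
    foreach (explode('|', "and|select|update|'|delete|insert|*") as $bad) {
        if (substr_count(strtolower($value), $bad) > 0) {
            return true;
        }
    }
    return false;
}

// Parameterized lookup: the value is bound, never concatenated into the SQL.
function find_user(PDO $db, string $name): array
{
    $stmt = $db->prepare('SELECT id, name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Assumption: an in-memory SQLite database stands in for the real one.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$ins = $db->prepare('INSERT INTO users (name) VALUES (:name)');
foreach (["Sandy O'Brien", 'Anderson', 'alice'] as $n) {
    $ins->execute([':name' => $n]);
}

// Constructed inputs: three legitimate names and one value containing
// a quote and a keyword, which the bound query compares as a plain string.
$inputs = ["Sandy O'Brien", 'Anderson', 'alice', "nobody' and 'x"];
foreach ($inputs as $in) {
    printf(
        "%-16s blacklist=%-7s rows=%d\n",
        $in,
        blacklist_hit($in) ? 'blocked' : 'allowed',
        count(find_user($db, $in))
    );
}
```

With bound parameters the two legitimate names that the blacklist rejects are still found, and the value containing SQL syntax simply matches no row.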