Php prevents SQL injection to filter paging parameter instances

This article mainly introduces php's method of preventing paging parameters from being filtered in SQL injection. The example shows how to judge the value of paging parameters, which is very useful, for more information about how to filter paging parameters in SQL injection, see the example in this article. Share it with you for your reference. The specific analysis is as follows:

For network security, do not trust any input information on the network. we must filter parameters for any input information. For this purpose, let's take a look at the following example:

The code is as follows:

$ This-> load-> library ('pagination ');
$ Config ['base _ url'] = site_url (). '/guest/show ';
$ Config ['total _ rows '] = $ c;
$ Config ['per _ page'] = $ pernum = 15;
$ Config ['uri _ segment '] = 3;
$ Config ['use _ page_numbers '] = TRUE;
$ Config ['first _ link'] = 'first page ';
$ Config ['last _ link'] = 'Last page ';
$ Config ['Num _ links '] = 5;
$ This-> pagination-> initialize ($ config );
If (! $ This-> uri-> segment (3 )){
$ Currentnum = 0;
} Else {
$ Currentnum = is_numeric ($ this-> uri-> segment (3 ))? (Intval ($ this-> uri-> segment (3)-1) * $ pernum: 0;
}

$ Current_page = is_numeric ($ this-> uri-> segment (3 ))? Intval ($ this-> uri-> segment (3): 1;
If ($ current_page ){
$ Data ['title'] = 'title'. $ current_page. 'page-message book-anti-SQL injection test ';
}
Else {
$ Data ['title'] = 'message book-anti-SQL injection test ';
}

$ Data ['liuyan '] = $ this-> ly-> getLy ($ pernum, $ currentnum );

Where:

The code is as follows:

$ Current_page = is_numeric ($ this-> uri-> segment (3 ))? Intval ($ this-> uri-> segment (3): 1;
$ Currentnum = is_numeric ($ this-> uri-> segment (3 ))? (Intval ($ this-> uri-> segment (3)-1) * $ pernum;

The two statements determine whether the parameter is a number. Prevents invalid characters.

I hope this article will help you with PHP programming.