This article describes how php can quickly search for malicious code in a database. it can be used to filter out special characters, for more information about how to quickly search for malicious code in a database using php, see the following example. Share it with you for your reference. The details are as follows:
The database is entered with malicious code. to ensure the security of your database, you must carefully clean it up. With the following super convenient function, you can quickly clear malicious database code.
function cleanInput($input) { $search = array( '@]*?>.*?@si', // Strip out javascript '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags '@]*?>.*?@siU', // Strip style tags properly '@@' // Strip multi-line comments ); $output = preg_replace($search, '', $input); return $output; }function sanitize($input) { if (is_array($input)) { foreach($input as $var=>$val) { $output[$var] = sanitize($val); } } else { if (get_magic_quotes_gpc()) { $input = stripslashes($input); } $input = cleanInput($input); $output = mysql_real_escape_string($input); } return $output;}// Usage:$bad_string = "Hi! It's a good day!";$good_string = sanitize($bad_string);// $good_string returns "Hi! It\'s a good day!"// Also use for getting POST/GET variables$_POST = sanitize($_POST);$_GET = sanitize($_GET);
I hope this article will help you with php programming.