php Simple parameter Filter code learning

/** * Parameter Filter code * Edit bbs.it-home.org */ if (@get_magic_quotes_gpc ()) { $_get = sec ($_get); $_post = sec ($_post); $_cookie = sec ($_cookie); $_files = sec ($_files); } $_server = sec ($_server); Function sec (& $array) { If it is an array, iterate through the array, calling recursively if (Is_array ($array)) { foreach ($array as $k = = $v) { $array [$k] = sec ($v); } } else if (is_string ($array)) { Use the Addslashes function to handle $array = Addslashes ($array); } else if (Is_numeric ($array)) { $array = Intval ($array); } return $array; } ?> Copy Code 1, the parameters of the integer parameter when the input parameter YY is an integer, the SQL statement in abc.asp usually looks as follows: SELECT * from table name where field =yy, so you can use the following steps to test whether SQL injection exists. ①http://xxx.xxx.xxx/abc.asp?p=yy ' (append a single quotation mark), at this time ABC. The SQL statement in ASP becomes a select * from table name where Field =yy ', abc.asp run exception, ②http://xxx.xxx.xxx/abc.asp?p=yy and 1=1, abc.asp is working properly, and http:/ /xxx.xxx.xxx/abc.asp?p=yy run the same result; ③http://xxx.xxx.xxx/abc.asp?p=yy and 1=2, Abc.asp run exception, if the above three steps are fully satisfied, there must be a SQL injection vulnerability in abc.asp. An integer filter function with the following code: function Num_check ($id) { if (! $id) { Die (' parameter cannot be empty! ' ); }//Is null-judged else if (Inject_check ($id)) { Die (' illegal parameters '); }//Injection judgment else if (! is_numetic ($id)) { Die (' illegal parameters '); } Digital judgment $id = Intval ($id); The whole type of return $id; } Character Filter function function Str_check ($STR) { if (Inject_check ($STR)) { Die (' illegal parameters '); } Injection judgment $str = Htmlspecialchars ($STR); Convert HTML return $str; } function Search_check ($STR) { $str = Str_replace ("_", "_", $str); Filter Out "_" $str = str_replace ("%", "%", $str); Filter out "%" $str = Htmlspecialchars ($STR); Convert HTML return $str; } Form Filter function function Post_check ($str, $min, $max) { if (Isset ($min) && strlen ($STR) < $min) { Die (' minimum $min bytes '); } else if (Isset ($max) && strlen ($STR) > $max) { Die (' Up to $max bytes '); } Return Stripslashes_array ($STR); } ?> Copy Code When the input parameter YY is a string, the SQL statement in abc.asp usually looks as follows: SELECT * from table name where field = ' YY ', so you can use the following steps to test whether SQL injection exists. ①http://xxx.xxx.xxx/abc.asp?p=yy ' (append a single quotation mark), at this time ABC. The SQL statement in ASP becomes a select * from table name where Field =yy ', abc.asp run exception; ②http://xxx.xxx.xxx/abc.asp?p=yy&;nb 39;1 ' = ' 1 ', abc.asp run normally, and with HTTP://xxx.xxx.xxx/abc.asp?p=YY run the same result; ③http://xxx.xxx.xxx/abc.asp?p=yy&;nb ... 39;1 ' = ' 2 ', abc.asp run exception, if the above three steps are fully satisfied, there must be a SQL injection vulnerability in abc.asp. Attach a function to prevent SQL injection: Anti-injection function function Inject_check ($sql _str) { Return eregi (' select|inert|update|delete| ' | /*|*|.. /|. /| Union|into|load_file|outfile ', $sql _str); Filtration, anti-injection bbs.it-home.org } Function Stripslashes_array (& $array) { if (Is_array ($array)) { foreach ($array as $k = = $v) { $array [$k] = Stripslashes_array ($v); } } else if (is_string ($array)) { $array = Stripslashes ($array); } return $array; } ?> Copy Code

