Php simple parameter filtering code learning

Php simple parameter filtering code learning

/** * Parameter filtering code * Edit bbs.it-home.org */ If (@ get_magic_quotes_gpc ()){ $ _ GET = sec ($ _ GET ); $ _ POST = sec ($ _ POST ); $ _ COOKIE = sec ($ _ COOKIE ); $ _ FILES = sec ($ _ FILES ); } $ _ SERVER = sec ($ _ SERVER ); Function sec (& $ array ){ // If it is an array, traverse the array and call it recursively If (is_array ($ array )){ Foreach ($ array as $ k => $ v ){ $ Array [$ k] = sec ($ v ); } } Else if (is_string ($ array )){ // Use the addslashes function for processing $ Array = addslashes ($ array ); } Else if (is_numeric ($ array )){ $ Array = intval ($ array ); } Return $ array; } ?> 1. integer parameter determination when the input parameter YY is an integer, usually abc. the SQL statement in asp is roughly as follows: select * from table name where field = YY, so you can use the following steps to test whether SQL injection exists. ① HTTP: // xxx. xxx. xxx/abc. asp? P = YY '(append a single quotation mark). at this time, abc. the SQL statement in ASP is changed to select * from table name where field = YY ', abc. asp running exception; ② HTTP: // xxx. xxx. xxx/abc. asp? P = YY and 1 = 1, abc. asp is running normally, and it works properly with HTTP: // xxx. xxx. xxx/abc. asp? P = YY: The running result is the same; ③ HTTP: // xxx. xxx. xxx/abc. asp? P = YY and 1 = 2, abc. asp is abnormal. if the preceding three steps are fully met, the SQL injection vulnerability exists in abc. asp. The code of an integer filter function is as follows: Function num_check ($ id ){ If (! $ Id ){ Die ('parameter cannot be blank! '); } // Whether it is null Else if (inject_check ($ id )){ Die ('invalid parameter '); } // Injection judgment Else if (! Is_numetic ($ id )){ Die ('invalid parameter '); } // Digital judgment $ Id = intval ($ id ); // Integer Return $ id; } // Character filtering function Function str_check ($ str ){ If (inject_check ($ str )){ Die ('invalid parameter '); } // Injection judgment $ Str = htmlspecialchars ($ str ); // Convert html Return $ str; } Function search_check ($ str ){ $ Str = str_replace ("_", "_", $ str ); // Filter out "_" $ Str = str_replace ("%", "%", $ str ); // Filter out "%" $ Str = htmlspecialchars ($ str ); // Convert html Return $ str; } // Form filter function Function post_check ($ str, $ min, $ max ){ If (isset ($ min) & strlen ($ str) <$ min ){ Die ('minimum $ min Byte '); } Else if (isset ($ max) & strlen ($ str)> $ max ){ Die ('maximum $ max Byte '); } Return stripslashes_array ($ str ); } ?> When the input parameter YY is a string, it is usually abc. the SQL statement in asp is roughly as follows: select * from table name where field = 'yy', so you can test whether SQL injection exists by following these steps. ① HTTP: // xxx. xxx. xxx/abc. asp? P = YY '(append a single quotation mark). at this time, abc. the SQL statement in ASP is changed to select * from table name where field = YY ', abc. asp running exception; ② HTTP: // xxx. xxx. xxx/abc. asp? P = YY &; nb... 39; 1' = '1', abc. asp is running normally, and is consistent with HTTP: // xxx. xxx. xxx/abc. asp? P = YY: The running result is the same; ③ HTTP: // xxx. xxx. xxx/abc. asp? P = YY &; nb... 39; 1' = '2', abc. asp is abnormal. if the preceding three steps are fully met, the SQL injection vulnerability exists in abc. asp. Attach a function to prevent SQL injection: // Anti-injection function Function inject_check ($ SQL _str ){ Return eregi ('select | inert | update | delete | '|/* |.../|./| UNION | into | load_file | outfile', $ SQL _str ); // Filter, prevent injection bbs.it-home.org } Function stripslashes_array (& $ array ){ If (is_array ($ array )){ Foreach ($ array as $ k => $ v ){ $ Array [$ k] = stripslashes_array ($ v ); } } Else if (is_string ($ array )){ $ Array = stripslashes ($ array ); } Return $ array; } ?>