如$_POST、$_GET
功能:
防注入
*************************/
//要過濾的非法字元
$ArrFiltrate=array("'","or","and","union","where");
//出錯後要跳轉的url,不填則預設前一頁
$StrGoUrl="";
//是否存在數組中的值
function FunStringExist($StrFiltrate,$ArrFiltrate){
foreach ($ArrFiltrate as $key=>$value){
if (eregi($value,$StrFiltrate)){
return true;
}
}
return false;
}
//合并$_POST 和 $_GET
if(function_exists(array_merge)){
$ArrPostAndGet=array_merge($HTTP_POST_VARS,$HTTP_GET_VARS);
}else{
foreach($HTTP_POST_VARS as $key=>$value){
$ArrPostAndGet[]=$value;
}
foreach($HTTP_GET_VARS as $key=>$value){
$ArrPostAndGet[]=$value;
}
}
//驗證開始
foreach($ArrPostAndGet as $key=>$value){
if (FunStringExist($value,$ArrFiltrate)){
echo "ipt language='javascript'>alert('傳遞的資訊中不得包含{\',or,and,union}等非法字元請您把他們換成{‘,OR,AND,UNION}');";
if (empty($StrGoUrl)){
echo "history.go(-1);";
}else{
echo "window.location='".$StrGoUrl."';";
}
exit;
}
}
/***************結束防止PHP注入*****************/
?>
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
