php防止sql注入之過濾分頁參數

執行個體

代碼如下

複製代碼

$this->load->library ( 'pagination' ); $config ['base_url'] = site_url () . '/guest/show'; $config ['total_rows'] = $c; $config ['per_page'] = $pernum = 15; $config ['uri_segment'] = 3; $config ['use_page_numbers'] = TRUE; $config ['first_link'] = '第一頁'; $config ['last_link'] = '最後一頁'; $config ['num_links'] = 5; $this->pagination->initialize ( $config ); if (! $this->uri->segment ( 3 )) {     $currentnum = 0; } else {     $currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum:0; }   $current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1; if($current_page){     $data ['title'] = '第'.$current_page.'頁-留言本-大冶實驗高中首屆宏志班網站'; } else{     $data ['title'] = '留言本-大冶實驗高中首屆宏志班網站'; }   $data ['liuyan'] = $this->ly->getLy ( $pernum, $currentnum );

其中：

代碼如下	複製代碼
$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1; $currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum;

這兩句判斷了參數是否為數字。防止非法字元輸入。