中文字幕亚洲乱码熟女在线萌芽,国语熟妇乱人乱a片久久,亚洲色偷偷色噜噜狠狠99网 http://www.86956464.com/blog 中山php|最優網絡 Mon, 13 May 2013 04:56:43 +0000 en hourly 1 http://wordpress.org/?v=3.1.4 php過濾客戶提交參數,防注入 http://www.86956464.com/blog/view-417.html http://www.86956464.com/blog/view-417.html#comments Sat, 24 Nov 2012 09:16:40 +0000 lin http://www.86956464.com/blog/?p=417 以下代碼實現過濾php的$_GET 和$_POST參數

/**
* 安全防范
*/
function Add_S($array)
{
foreach($array as $key=>$value)
{
if(!is_array($value))
{
$value = get_magic_quotes_gpc()?$value:addslashes($value);
$array[$key]=filterHtml($value);
}
Else
{
Add_S($array[$key]);
}
}
return $array;
}
function glstr($var) {

if (is_array($var)) {
return Add_S($var);
}
elseif(strlen($var)){
$var = get_magic_quotes_gpc()?$var:addslashes($var);

$var = filterHtml($var);
}
return $var;
}
function filterHtml($html)
{
$farr = array(
"/<!DOCTYPE([^>]*?)>/eis",
"/<(\/?)(html|body|head|link|meta|base|input)([^>]*?)>/eis",
"/<(script|i?frame|style|title|form)(.*?)<\/\\1>/eis",
"/(<[^>]*?\s+)on[a-z]+\s*?=(\"|')([^\\2]*)\\2([^>]*?>)/isU",//過濾javascript的on事件
"/\s+/",//過濾多余的空白
);
$tarr = array(
"",
"",
"",
"\\1\\4",
" ",
);
$html = preg_replace( $farr,$tarr,$html);
return $html;
}
if (sizeof($_GET)) {
foreach($_GET as $key => $value) {
$_GET[$key] = glstr($value); //
}

}
if (sizeof($_POST)) {
foreach($_POST as $key => $value) {
$_POST[$key] = glstr($value); //
}
}

]]> http://www.86956464.com/blog/view-417.html/feed 343