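// Bulk-filter sensitive data in the POST and GET arrays.
//
// get_magic_quotes_gpc() was removed in PHP 8.0, so an unguarded call is a
// fatal "undefined function" error there; check that it exists first.
//
// NOTE(review): since PHP 5.4 get_magic_quotes_gpc() always returns false, so
// on current PHP versions this branch never runs and $_GET / $_POST reach the
// application unfiltered. Do not rely on this file as the input-validation
// layer; validate per field and use prepared statements at the query.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $_GET = stripslashes_array($_GET, 'GET');
    $_POST = stripslashes_array($_POST, 'POST');
}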
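/**
 * Recursively strip magic-quotes slashes from a request array and pass every
 * string value through lib_replace_end_tag().
 *
 * Keys 'argc' and 'argv' are skipped, and so is every key that is written
 * entirely in upper case and is not an integer string.
 * NOTE(review): values under such upper-case keys are returned unfiltered, so
 * callers must not treat the whole array as sanitized — confirm the skip is
 * intended.
 *
 * @param array  $array   Request data such as $_GET; modified in place.
 * @param string $leixing Label of the source ('GET' or 'POST'), forwarded to
 *                        lib_replace_end_tag().
 * @return array The same data as $array after filtering.
 */
function stripslashes_array(&$array ,$leixing) {
    // foreach replaces while (list(...) = each(...)): each() was removed in
    // PHP 8.0 and also depended on the array's internal pointer position.
    foreach ($array as $key => $var) {
        // Compare as strings: a loose comparison of the integer key 0 with
        // 'argc' is true before PHP 8, which silently skipped that element.
        $name = (string) $key;
        if ($name === 'argc' || $name === 'argv') {
            continue;
        }
        // Same test as before, negated into a guard: skip keys that equal
        // their upper-case form unless they are integer strings.
        if (strtoupper($name) == $name && '' . intval($name) != $name) {
            continue;
        }
        if (is_string($var)) {
            $array[$key] = lib_replace_end_tag(stripslashes($var), $leixing);
        } elseif (is_array($var)) {
            // Recurse with both arguments and keep the resulting array.
            // The earlier code omitted $leixing (an ArgumentCountError since
            // PHP 7.1) and then fed the array to the string filter, which
            // destroyed nested parameters.
            $array[$key] = stripslashes_array($var, $leixing);
        }
    }
    return $array;
}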
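// Site-wide anti-injection filter; require_once this file from the common include.
// Check the magic_quotes_gpc state.
//
// get_magic_quotes_gpc() no longer exists in PHP 8.0+, and "@" cannot suppress
// the resulting fatal error, so test for the function first. The "@" is kept
// only to silence the PHP 7.4 deprecation notice.
//
// NOTE(review): the escaping below runs only while magic quotes is on. With it
// off (always the case since PHP 5.4) only $_SERVER is escaped — confirm
// whether the condition was meant to be negated.
// NOTE(review): sec() also rewrites the strings inside $_FILES, including
// 'tmp_name'; a path containing a backslash or quote would no longer match the
// uploaded file — confirm against the upload handling code.
if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
    $_GET = sec($_GET);
    $_POST = sec($_POST);
    $_COOKIE = sec($_COOKIE);
    $_FILES = sec($_FILES);
}
$_SERVER = sec($_SERVER);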
/**
 * Escape a value, or every value of a nested array, for legacy string-built SQL.
 *
 * Arrays are walked recursively, strings go through addslashes(), and
 * non-string numeric values are converted with intval(). Anything else
 * (null, booleans, objects) is returned untouched.
 *
 * addslashes() is not aware of the database connection's character set and is
 * not a replacement for prepared statements; treat this as a legacy layer only.
 *
 * @param mixed $array Value to escape; taken by reference and modified in place.
 * @return mixed The escaped value (identical to $array after the call).
 */
function sec(&$array) {
    if (is_array($array)) {
        // Walk the keys and recurse into each element.
        foreach (array_keys($array) as $name) {
            $item = $array[$name];
            $array[$name] = sec($item);
        }
        return $array;
    }

    if (is_string($array)) {
        // Strings are escaped with addslashes().
        $array = addslashes($array);
        return $array;
    }

    if (is_numeric($array)) {
        // Only ints and floats reach this point; floats are truncated.
        $array = intval($array);
    }

    return $array;
}
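/**
 * Reduce a request value to letters, digits and high bytes, then delete a
 * fixed list of SQL-related words.
 *
 * Limits a caller has to know about:
 *  - The word list is applied once and is case-sensitive, and it deletes the
 *    same letter sequences inside ordinary words. The result is normalised
 *    text, not proof that a value is safe to concatenate into SQL or HTML.
 *    Use prepared statements for queries and encode at output time.
 *  - htmlspecialchars() runs before the whitelist, so the letters and digits
 *    of each entity survive it (for example "<" ends up as "lt").
 *    NOTE(review): confirm whether that residue is wanted.
 *  - empty() is also true for the string "0", so "0" is returned as false.
 *
 * @param string $str     Raw value.
 * @param string $leixing Source label ('GET' / 'POST'); not used in this function.
 * @return string|false Filtered string, or false when $str is empty.
 */
function lib_replace_end_tag($str,$leixing)
{
    if (empty($str)) {
        return false;
    }

    $str = htmlspecialchars($str);

    // The FILTER_SANITIZE_STRING pass was dropped. The filter is deprecated
    // since PHP 8.1, htmlspecialchars() has already encoded the angle
    // brackets so no tags are left to strip, and quote characters are removed
    // by the whitelist below.

    // Keep only ASCII letters, digits and bytes 0x7f-0xff (multi-byte text
    // such as Chinese characters).
    $str = preg_replace('/[^\x7f-\xffa-zA-Z0-9]/', '', $str);

    // The later replacements of '=', '/', '<', '>', '&', quotes, whitespace,
    // script tags and '<br />' are gone. As their search strings appear in
    // the listing, each contains a character the whitelist has already
    // removed, so they could not match.

    // Applied in this order, one pass each, exactly as the separate calls were.
    // "css" / "CSS" used to be replaced with a single quote, which put a quote
    // character back into text the whitelist had just cleaned; they are now
    // deleted like the other words.
    $words = array(
        'select', 'join', 'union', 'where', 'insert', 'delete', 'update',
        'like', 'drop', 'create', 'modify', 'rename', 'alter', 'cas',
        'css', 'CSS',
    );
    $str = str_replace($words, '', $str);

    return $str;
}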
php 批量过滤post,get敏感数据