php 批量过滤post,get敏感数据

最新推荐文章于 2024-02-27 12:21:31 发布

下雪的哈尔滨

最新推荐文章于 2024-02-27 12:21:31 发布

阅读量120

点赞数

文章标签： php android 开发语言

本文链接：https://blog.csdn.net/qq_39160867/article/details/134399235

版权

//echo '<pre>';

//php 批量过滤post,get敏感数据

if (get_magic_quotes_gpc()) {
	$_GET = stripslashes_array($_GET,'GET');
	$_POST = stripslashes_array($_POST,'POST');
//	var_dump($_GET);die;
}

function stripslashes_array(&$array ,$leixing) {
	while(list($key,$var) = each($array)) {
		if ($key != 'argc' && $key != 'argv' && (strtoupper($key) != $key || ''.intval($key) == "$key")) {
			if (is_string($var)) {
				$v = lib_replace_end_tag(stripslashes($var),$leixing);
				$array[$key] = $v ;
			}
			if (is_array($var))  {
				$v = lib_replace_end_tag(stripslashes_array($var),$leixing);
				$array[$key] = $v;
			}
		}
	}
	return $array;
}


//PHP整站防注入程序，需要在公共文件中require_once本文件
//判断magic_quotes_gpc状态
if (@get_magic_quotes_gpc ()) {
	$_GET = sec ( $_GET );
	$_POST = sec ( $_POST );
	$_COOKIE = sec ( $_COOKIE );
	$_FILES = sec ( $_FILES );
}
$_SERVER = sec ( $_SERVER );
function sec(&$array) {
	//如果是数组，遍历数组，递归调用
	if (is_array ( $array )) {
		foreach ( $array as $k => $v ) {
			$array [$k] = sec ( $v );
		}
	} else if (is_string ( $array )) {
		//使用addslashes函数来处理
		$array = addslashes ( $array );
	} else if (is_numeric ( $array )) {
		$array = intval ( $array );
	}

	return $array;
}

function lib_replace_end_tag($str,$leixing)
{

//var_dump($str);
	if (empty($str)) return false;

	$str = htmlspecialchars($str);

	$str = filter_var($str, FILTER_SANITIZE_STRING);
//	$str = preg_replace('/[^a-zA-Z0-9]/', '', $str);
	$str = preg_replace('/[^\x7f-\xffa-zA-Z0-9]/', '', $str);//过滤除字母数字汉字 之外字符

	$str = str_replace( '=', "", $str);

	$str = str_replace( '/', "", $str);

	$str = str_replace("", "", $str);

	$str = str_replace(">", "", $str);

	$str = str_replace("<", "", $str);

	$str = str_replace("<SCRIPT>", "", $str);

	$str = str_replace("</SCRIPT>", "", $str);

	$str = str_replace("<script>", "", $str);

	$str = str_replace("</script>", "", $str);

	$str=str_replace("select","",$str);

	$str=str_replace("join","",$str);

	$str=str_replace("union","",$str);

	$str=str_replace("where","",$str);

	$str=str_replace("insert","",$str);

	$str=str_replace("delete","",$str);

	$str=str_replace("update","",$str);

	$str=str_replace("like","",$str);

	$str=str_replace("drop","",$str);

	$str=str_replace("create","",$str);

	$str=str_replace("modify","",$str);

	$str=str_replace("rename","",$str);

	$str=str_replace("alter","",$str);

	$str=str_replace("cas","",$str);

	$str=str_replace("&","&",$str);

	$str=str_replace(">",">",$str);

	$str=str_replace("<","<",$str);

	$str=str_replace(" ",chr(32),$str);

	$str=str_replace(" ",chr(9),$str);

	$str=str_replace(" ",chr(9),$str);

	$str=str_replace("&",chr(34),$str);

	$str=str_replace("'",chr(39),$str);

	$str=str_replace("<br />",chr(13),$str);

	$str=str_replace("''","'",$str);

	$str=str_replace("css","'",$str);

	$str=str_replace("CSS","'",$str);

	return $str;

}