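/**
 * Filter and format a single request parameter.
 *
 * Absent values (null, '' and []) always come back as ''. Otherwise the
 * output depends on $int:
 *   0 - cast to int
 *   1 - trim, HTML-escape with htmlspecialchars(ENT_QUOTES), then addslashes()
 *   2 - array: every leaf is passed through array_format() (expected to be
 *       defined elsewhere in the project — not visible here)
 *   3 - cast to float
 *   4 - addslashes() then trim(), with NO HTML escaping
 *
 * Security note: addslashes() is a legacy quoting helper, not an SQL-injection
 * defence (no charset awareness, no protection for LIKE patterns or
 * identifiers). Callers that build SQL must still use prepared statements; the
 * slashes are kept here only because existing callers rely on them.
 *
 * @param mixed $value raw value
 * @param int   $int   output mode, see above
 * @return mixed ''/int/string/array/float as described; null for an unknown mode
 */
function format_param($value = null, $int = 0)
{
    // Strict emptiness check: the former `$value == null` also matched 0,
    // '0', 0.0 and false, so format_param(0) returned '' instead of 0.
    if ($value === null || $value === '' || $value === []) {
        return '';
    }

    switch ($int) {
        case 0: // integer
            return (int) $value;

        case 1: // string: HTML-escape first, then add slashes
            $value = htmlspecialchars(trim($value), ENT_QUOTES);
            return _format_param_slashes($value);

        case 2: // array: format every leaf in place
            array_walk_recursive($value, 'array_format');
            return $value;

        case 3: // float
            return (float) $value;

        case 4: // string: add slashes, then trim (no HTML escaping)
            return trim(_format_param_slashes($value));
    }

    // Unknown mode: the original fell off the end of the switch, i.e. null.
    return null;
}

/**
 * addslashes() unless magic_quotes_gpc (PHP < 5.4) already quoted the input.
 *
 * The version check must stay first: get_magic_quotes_gpc() was removed in
 * PHP 8, so it may only be called on older interpreters.
 *
 * @param mixed $value scalar to quote
 * @return string quoted value
 */
function _format_param_slashes($value)
{
    if (version_compare(PHP_VERSION, '7.4', '>=') || !get_magic_quotes_gpc()) {
        return addslashes($value);
    }
    return $value;
}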
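// Crude XSS filter, applied recursively and in place.
/**
 * Recursively rewrite every scalar leaf of $arr so it is safe to echo into
 * HTML: add slashes (legacy), delete control characters and a blacklist of
 * tag/handler names, strip tags, then HTML-encode what is left.
 *
 * Security note for maintainers: the blacklist below is a case-sensitive
 * substring match, not a sanitiser. It does not catch mixed-case variants and
 * it mutilates legitimate words that contain a listed term ("description",
 * "subtitle", "database"). The control that actually prevents injection is the
 * htmlentities() call at the end; the list is kept only because existing
 * callers depend on its output.
 *
 * Non-array input is left untouched.
 *
 * @param mixed $arr value filtered in place (by reference)
 * @return void
 */
function SafeFilter(&$arr)
{
    // Control characters NUL..BS, VT, FF, SO..US, followed by the legacy
    // substring blacklist. The original character class was written
    // `[\x00-\x08,\x0b-\x0c,\x0e-\x19]`: inside a class the commas are literal
    // members, so every ',' in the input was deleted as well, and \x19 left
    // \x1a..\x1f (including ESC) in place. Both are fixed here.
    static $ra = [
        '/[\x00-\x08\x0b\x0c\x0e-\x1f]/',
        '/script/', '/javascript/', '/vbscript/', '/expression/', '/applet/',
        '/meta/', '/xml/', '/blink/', '/link/', '/style/', '/embed/', '/object/',
        '/frame/', '/layer/', '/title/', '/bgsound/', '/base/',
        '/onload/', '/onunload/', '/onchange/', '/onsubmit/', '/onreset/',
        '/onselect/', '/onblur/', '/onfocus/', '/onabort/', '/onkeydown/',
        '/onkeypress/', '/onkeyup/', '/onclick/', '/ondblclick/', '/onmousedown/',
        '/onmousemove/', '/onmouseout/', '/onmouseover/', '/onmouseup/',
    ];

    if (!is_array($arr)) {
        return;
    }

    foreach ($arr as $key => $value) {
        if (is_array($value)) {
            SafeFilter($arr[$key]);
            continue;
        }

        // Legacy magic_quotes_gpc (PHP < 5.4) already added slashes. The
        // version check must short-circuit first: get_magic_quotes_gpc() was
        // removed in PHP 8 and may only be called on older interpreters.
        if (version_compare(PHP_VERSION, '7.4', '>=') || !get_magic_quotes_gpc()) {
            $value = addslashes($value);
        }

        // Delete control characters and blacklisted substrings.
        $value = preg_replace($ra, '', $value);

        // Strip HTML/PHP tags and encode the remainder. ENT_QUOTES is passed
        // explicitly so single quotes are encoded on PHP < 8.1 as well
        // (the default there was ENT_COMPAT, which leaves ' untouched).
        $arr[$key] = htmlentities(strip_tags($value), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}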