function cleanstring($str){
$str = rawurldecode($str);
$badchars = array("<", ">", ".", "/", "?", "#", "*", "(", ")", "[", "]", "{", "}", "", ",", "=", '"', "'", ":", ";", "^", "@", "~", "!", " ");
$clean = "";
for($i=0; $i
if(array_search($str[$i], $badchars) === false){
$clean .= $str[$i];
}
}
return $clean;
}
$name = rawurlencode($_post['fname']);
$message = rawurlencode($_post['message']);
$xml = '';
$xml .= $_post['xml'];
$xml .="";
$t = time();
$filename = 'data/'.'99999'.$t.'_'.cleanstring($name).'.xml';
$file = fopen($filename, "w");
fwrite($file, strips教程lashes($xml));
fclose($file);
|