二种php防注入代码

作者:袖梨 2022-06-24
 代码如下 复制代码

php
$magic_quotes_gpc = get_magic_quotes_gpc();
@extract(daddslashes($_COOKIE));
@extract(daddslashes($_POST));
@extract(daddslashes($_GET));
if(!$magic_quotes_gpc) {
$_FILES = daddslashes($_FILES);
}

function daddslashes($string, $force = 0) {
if(!$GLOBALS['magic_quotes_gpc'] || $force) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = daddslashes($val, $force);
}
} else {
$string = addslashes($string);
}
}
return $string;
}
?>

防注入二

 代码如下 复制代码

function inject_check($sql_str) { //防止注入
  $check = eregi('select|insert|update|delete|'|/*|*|../|./|union|into|load_file|outfile', $sql_str);
  if ($check) {
   echo "输入非法注入内容!";
   exit ();
  } else {
   return $sql_str;
  }
 }
 function checkurl() { //检查来路
  if (preg_replace("/https?://([^:/]+).*/i", "1", $_SERVER['HTTP_REFERER']) !== preg_replace("/([^:]+).*/", "1", $_SERVER['HTTP_HOST'])) {
   header("Location: http://www.111com.net");
   exit();
  }
 }

相关文章

精彩推荐