zoukankan      html  css  js  c++  java
  • mysql 注入过滤

    //表单过滤

    public function _safe($str) {



    $html_string = array("&amp;", "&nbsp;", "'", '"', "<", ">", " ", " ");



    $html_clear = array("&", " ", "&#39;", "&quot;", "&lt;", "&gt;", "&nbsp; &nbsp; ", "");



    $js_string = array("/<script(.*)</script>/isU");



    $js_clear = array("");







    $frame_string = array("/<frame(.*)>/isU", "/</fram(.*)>/isU", "/<iframe(.*)>/isU", "/</ifram(.*)>/isU",);



    $frame_clear = array("", "", "", "");







    $style_string = array("/<style(.*)</style>/isU", "/<link(.*)>/isU", "/</link>/isU");



    $style_clear = array("", "", "");







    $str = trim($str);



    //过滤字符串



    $str = str_replace($html_string, $html_clear, $str);



    //过滤JS



    $str = preg_replace($js_string, $js_clear, $str);



    //过滤ifram



    $str = preg_replace($frame_string, $frame_clear, $str);



    //过滤style



    $str = preg_replace($style_string, $style_clear, $str);



    return $str;
    }
  • 相关阅读:
    JavaWeb 【介绍】
    Python3 【解析库XPath】
    Python【类编程】
    Python3【正则表达式】
    Java GUI【记事本】
    Java 【笔记本】
    Python3 【requests使用】
    Java 【食品库存管理】
    AGC027 C
    AGC027 A
  • 原文地址:https://www.cnblogs.com/yangchong/p/6534157.html
Copyright © 2011-2022 走看看