php 防sql注入过滤代码
我们提供了三个函数不来过滤一些特殊的字符,主要是利用php把sql敏感字符串给过滤掉了,好了下面来看看这款代码吧,有需要的朋友拿去看看,实例代码如下:
function phpsql_show( $str ){ $str = stripslashes ( $str ); $str = str_replace ( "\" , "" , $str ); $str = str_replace ( "/" , "/" , $str ); $str = str_replace ( " " , " " , $str ); $str = str_replace ( "," , "," , $str ); return $str ; } function phpsql_post( $str ){ $str = stripslashes ( $str ); $str = str_replace ( "|" , "|" , $str ); $str = str_replace ( "<" , "<" , $str ); $str = str_replace ( ">" , ">" , $str ); $str = str_replace ( " " , " " , $str ); $str = str_replace ( " " , " " , $str ); $str = str_replace ( "(" , "(" , $str ); $str = str_replace ( ")" , ")" , $str ); $str = str_replace ( "`" , "`" , $str ); //$str = str_replace("'", "'", $str); $str = str_replace ( '"' , """, $str ); $str = str_replace ( "," , "," , $str ); $str = str_replace ( "$" , "$" , $str ); $str = str_replace ( "" , "\" , $str ); $str = str_replace ( "/" , "/" , $str ); return $str ; } //开源代码phpfensi.com function phpsql_replace( $str ){ $str = stripslashes ( $str ); $str = str_replace ( "'" , "'" , $str ); return $str ; }查看更多关于php 防sql注入过滤代码 - php函数的详细内容...
声明:本文来自网络,不代表【好得很程序员自学网】立场,转载请注明出处:http://haodehen.cn/did30790