Sep
15
<?来源:中国防黑网
作者:三尺寒冰
简述:
/*************************
说明:
判断传递的变量中是否含有非法字符
如$_POST、$_GET
功能:
防注入
**************************/
// Tokens treated as illegal when they appear in a submitted value.
// NOTE(review): three literal tokens are a coarse screen only; they do not
// replace parameterised queries where the SQL is actually built.
$ArrFiltrate = array(
    "'",
    ";",
    "union",
);
// URL to send the visitor to after a rejected request; when left empty the
// intent is to fall back to the previous page.
$StrGoUrl = "";
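/**
 * Report whether a submitted value contains any of the blacklisted tokens.
 *
 * The match is a case-insensitive substring test. Array values (a parameter
 * submitted as name[]=...) are searched element by element, so a nested value
 * is inspected instead of being passed over.
 *
 * NOTE(review): a token blacklist is a coarse screen, not a guarantee. Queries
 * built from request data should still use parameterised statements.
 *
 * @param mixed $StrFiltrate value to inspect (string, scalar or nested array)
 * @param array $ArrFiltrate list of forbidden tokens
 * @return bool true when at least one token occurs in the value
 */
function FunStringExist($StrFiltrate,$ArrFiltrate){
    if (is_array($StrFiltrate)) {
        foreach ($StrFiltrate as $item) {
            if (FunStringExist($item, $ArrFiltrate)) {
                return true;
            }
        }
        return false;
    }
    $haystack = (string)$StrFiltrate;
    foreach ($ArrFiltrate as $token) {
        $token = (string)$token;
        // eregi() was removed in PHP 7. stripos() gives the same
        // case-insensitive containment test for literal tokens, and an empty
        // token is skipped because it would match every value.
        if ($token !== '' && stripos($haystack, $token) !== false) {
            return true;
        }
    }
    return false;
}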
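// Gather every POST and GET value into one flat list for checking.
// $HTTP_POST_VARS / $HTTP_GET_VARS were removed in PHP 5.4, and the bare
// constant in function_exists(array_merge) is an error on PHP 8, so the
// superglobals are read directly.
// Both arrays are re-indexed before merging: array_merge() on string keys
// keeps only the last value for a given name, so a POST field sharing its name
// with a GET field would otherwise never be inspected.
$ArrPostAndGet = array_merge(array_values($_POST), array_values($_GET));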
// Validation pass: stop the request at the first value that contains a
// blacklisted token.
foreach ($ArrPostAndGet as $submitted) {
    if (!FunStringExist($submitted, $ArrFiltrate)) {
        continue;
    }
    // NOTE(review): every echoed string is empty in this copy; presumably the
    // notice / redirect markup was lost when the page was published. Confirm
    // against the original script.
    echo "";
    if (empty($StrGoUrl)) {
        // No redirect URL configured.
        echo "";
    } else {
        // Redirect URL configured.
        echo "";
    }
    exit;
}
?>
保存为checkpostandget.php
然后在每个php文件前加include("checkpostandget.php");即可
Sep
15
// Byte-oriented helpers for cutting and wrapping text that may contain
// double-byte Chinese characters.
// NOTE(review): "String" is a reserved class name from PHP 7.0 onwards, so this
// declaration only loads on PHP 5 and earlier.
class String
{
/**
* subStrWithSuffix (name as given in the original header; the method below is
* subStrWithChr)
* Truncate a string that contains Chinese characters (Mon Aug 01 11:13:34 CST 2005)
* Works on bytes: strlen()/substr() are used throughout. A byte above 0xa0 is
* treated as part of a double-byte character - presumably GB2312/GBK text,
* confirm against the data this is used with.
* @version 1.0.0
* @author
* @deprecated (tag as in the original; its text states the purpose) avoids
*             garbled output when truncating Chinese text
* @param string $string text to cut
* @param int $length number of bytes wanted; values below 1 or above the
*            string length are replaced by the string length
* @param int $start byte offset to start from
* @return string
*/
function subStrWithChr ($string, $length, $start = 0)
{
// A negative start, or a start beyond the end, returns the input unchanged.
if ($start < 0 || ($stringLength = strlen($string)) < $start) return $string;
$length = (($length < 1 || $length > $stringLength)?$stringLength:$length);
// $o is 2 only for an odd $start, so this loop body runs at most once: when
// $start is odd and the byte at $start is above 0xa0, step back one byte.
// NOTE(review): offset parity only tracks character boundaries when every
// preceding character is double-byte - confirm for mixed ASCII text.
for ($i = 1, $o = ($start % 2)?2:1; ($start > 0 && $i
< $o && ord(substr($string, $start , 1)) > 0xa0); $i ++)
$start --;
// Same pattern for the end: when $length is odd, shorter than the string, and
// the probed byte is above 0xa0, take one more byte.
// NOTE(review): the probe reads absolute offset $length - 1, not
// $start + $length - 1, and ord() only looks at the first byte of the
// substr() result - confirm this is intended when $start > 0.
for ($i = 1, $o = ($length % 2)?2:1; ($stringLength > $length
&& $i < $o && ord(substr($string, $length - 1 ,
$length)) > 0xa0); $i ++) $length ++;
$string = substr($string, $start, $length);
return $string;
}
/**
* wordWrapWithChr
* Break a string into lines (Mon Aug 01 14:15:37 CST 2005)
* @version 1.0.0
* @author
* @deprecated (tag as in the original; its text states the purpose) avoids
*             garbled output when truncating Chinese text
* @param string $string text to wrap
* @param int $width byte width passed to subStrWithChr for each line
* @param string|null $break separator placed between lines; any falsy value
*                    is replaced by "\n"
* @return string
*/
function wordWrapWithChr ($string, $width, $break = null)
{
/**
* How should Chinese punctuation be handled? No good solution yet.
* ,。?:;’‘“”、()*……—…%¥€$£·!
*/
// The whole loop lives in the for header: $handle is the byte offset of the
// next line and advances by the byte length of the piece just stored.
// NOTE(review): subStrWithChr is called statically although it is not declared
// static; PHP 8 rejects that call.
for ($break = $break?$break:"\n", $line = 0, $text = array(),
$handle = 0, $length = strlen($string); $handle < $length; $handle
+= strlen($text[$line ++]))
$text[$line] = String::subStrWithChr($string, $width, $handle);
return implode($break, $text);/* */
}
}
/**
 * Store the current time in the global $starttime.
 *
 * The value is the sum of the two fields microtime() returns (fraction and
 * whole seconds), i.e. seconds with a fractional part.
 */
function startTimer()
{
    global $starttime;
    list($fraction, $seconds) = explode(' ', microtime());
    $starttime = $seconds + $fraction;
}
/**
 * Return the time elapsed since the global $starttime was set.
 *
 * @return float elapsed seconds, rounded to 5 decimal places
 */
function endTimer()
{
    global $starttime;
    list($fraction, $seconds) = explode(' ', microtime());
    $now = $seconds + $fraction;
    return round($now - $starttime, 5);
}
?>
{
/**
* subStrWithSuffix
* 中文字符截取 (Mon Aug 01 11:13:34 CST 2005)
* @version 1.0.0
* @author
* @deprecated 解决中文截取出现乱码
* @return string
*/
function subStrWithChr ($string, $length, $start = 0)
{
// Byte-based cut (strlen()/substr()); a byte above 0xa0 is treated as part of
// a double-byte character - presumably GB2312/GBK text, confirm.
// A negative start, or a start beyond the end, returns the input unchanged.
if ($start < 0 || ($stringLength = strlen($string)) < $start) return $string;
// A length below 1 or above the string length becomes the string length.
$length = (($length < 1 || $length > $stringLength)?$stringLength:$length);
// $o is 2 only for an odd $start, so this loop body runs at most once: when
// $start is odd and the byte at $start is above 0xa0, step back one byte.
// NOTE(review): offset parity only tracks character boundaries when every
// preceding character is double-byte - confirm for mixed ASCII text.
for ($i = 1, $o = ($start % 2)?2:1; ($start > 0 && $i
< $o && ord(substr($string, $start , 1)) > 0xa0); $i ++)
$start --;
// Same pattern for the end: when $length is odd, shorter than the string, and
// the probed byte is above 0xa0, take one more byte.
// NOTE(review): the probe reads absolute offset $length - 1, not
// $start + $length - 1 - confirm this is intended when $start > 0.
for ($i = 1, $o = ($length % 2)?2:1; ($stringLength > $length
&& $i < $o && ord(substr($string, $length - 1 ,
$length)) > 0xa0); $i ++) $length ++;
$string = substr($string, $start, $length);
return $string;
}
/**
* wordWrapWithChr
* 字符截行 (Mon Aug 01 14:15:37 CST 2005)
* @version 1.0.0
* @author
* @deprecated 解决中文截取出现乱码
* @return string
*/
function wordWrapWithChr ($string, $width, $break = null)
{
/**
* How should Chinese punctuation be handled? No good solution yet.
* ,。?:;’‘“”、()*……—…%¥€$£·!
*/
// The whole loop lives in the for header: a falsy $break becomes "\n",
// $handle is the byte offset of the next line and advances by the byte length
// of the piece just stored in $text.
// NOTE(review): subStrWithChr is called statically although it is not declared
// static; PHP 8 rejects that call.
for ($break = $break?$break:"\n", $line = 0, $text = array(),
$handle = 0, $length = strlen($string); $handle < $length; $handle
+= strlen($text[$line ++]))
$text[$line] = String::subStrWithChr($string, $width, $handle);
// Join the collected pieces with the separator.
return implode($break, $text);/* */
}
}
/**
 * Remember "now" in the global $starttime.
 *
 * microtime() yields "fraction seconds"; the two parts are added to give
 * seconds with a fractional part.
 */
function startTimer()
{
    global $starttime;
    $parts = explode(' ', microtime());
    $whole = $parts[1];
    $fraction = $parts[0];
    $starttime = $whole + $fraction;
}
/**
 * Measure the time passed since the global $starttime was recorded.
 *
 * @return float elapsed seconds, rounded to 5 decimal places
 */
function endTimer()
{
    global $starttime;
    $parts = explode(' ', microtime());
    $finished = $parts[1] + $parts[0];
    $elapsed = $finished - $starttime;
    return round($elapsed, 5);
}
?>