
自定义防SQL注入函数

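  /**
   * SQL injection filter function (denylist-based input scrubber).
   * @time 2014-06-24 18:50:59
   *
   * Strips a fixed list of characters, URL-encoded sequences and SQL keywords
   * from the input, then HTML-encodes double quotes and angle brackets.
   *
   * SECURITY NOTE: this is a denylist and must not be the only defence.
   *  - It does not make it safe to concatenate the result into an SQL string;
   *    queries built from request data should use prepared statements with
   *    bound parameters (PDO or mysqli).
   *  - It removes substrings wherever they occur, so ordinary text that merely
   *    contains "or", "and", "count", "=" etc. is altered as well.
   *  - The HTML entity encoding is an output-context concern and has no effect
   *    on SQL safety.
   *
   * Changes compared with the earlier version of this method:
   *  - straight quotes restored (typographic quotes are not valid PHP string
   *    delimiters);
   *  - matching is case-insensitive, so keywords are removed in any casing;
   *  - stripping repeats until the value stops changing, so deleting one token
   *    cannot splice the surrounding characters into another listed token;
   *  - entity encoding runs after ';' is stripped, so '&quot;' is no longer
   *    truncated to '&quot'.
   *
   * @param string $string Raw value to scrub.
   * @return string Scrubbed value.
   */
  public function safe_replace($string)
  {
      // Tokens that are deleted outright, in the same order as before.
      $blocked = array(
          '%20', '%27', '%2527', '*', "'", ';', '{', '}',
          'or', '=', 'and', 'execute', 'update', 'count', 'chr', 'mid',
          'master', 'truncate', 'char', 'declare', 'select', 'create',
          'delete', 'insert',
      );

      // Repeat until stable: every pass that changes the value shortens it,
      // so the loop always terminates.
      do {
          $previous = $string;
          $string = str_ireplace($blocked, '', $string);
      } while ($string !== $previous);

      // Encode last so the ';' that terminates each entity is kept.
      $string = str_replace(
          array('"', '<', '>'),
          array('&quot;', '&lt;', '&gt;'),
          $string
      );

      return $string;
  }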