PHP Paging Parameter Filtering Example for Preventing SQL Injection

  • 2021-07-24 10:24:50
  • OfStack

This article illustrates how to filter paging parameters in PHP to prevent SQL injection. It is shared here for your reference; the analysis is as follows:

Where network security is concerned, never trust any input that arrives over the network: every input parameter must be filtered. With that in mind, consider the following example:

// Load and configure CodeIgniter's pagination library.
$this->load->library ( 'pagination' );
$config ['base_url'] = site_url () . '/guest/show';
$config ['total_rows'] = $c;
$config ['per_page'] = $pernum = 15;
$config ['uri_segment'] = 3; // the page number is read from URI segment 3
$config ['use_page_numbers'] = TRUE;
$config ['first_link'] = 'First Page';
$config ['last_link'] = 'Last Page';
$config ['num_links'] = 5;
$this->pagination->initialize ( $config );

// Row offset for the query: (page - 1) * rows per page.
// A missing or non-numeric segment falls back to offset 0.
if (! $this->uri->segment ( 3 )) {
    $currentnum = 0;
} else {
    $currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum:0;
}

// Current page number for the title; a non-numeric segment falls back to page 1.
$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1;
if($current_page){
    $data ['title'] = 'Page '.$current_page.' - Message book - Prevent SQL Injection test';
}
else{
    $data ['title'] = 'Message book - Prevent SQL Injection test';
}

// Only the fixed page size and the integer offset are passed to the model.
$data ['liuyan'] = $this->ly->getLy ( $pernum, $currentnum );

The key lines are:

$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1;
$currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum:0;

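These two statements check whether the parameter is a number, which prevents illegal characters from being passed on. intval() then casts the value to an integer, so only an integer ever reaches getLy().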
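An added example, not code from the original article: is_numeric() also accepts negative numbers, decimals and exponent notation such as 1e3, so the check above always yields an integer but can still produce a negative or out-of-range offset. The sketch below compares it with a stricter check built on filter_var() and FILTER_VALIDATE_INT; the function names, the PER_PAGE constant and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example (not from the original article). The function names and
// sample inputs are constructed for illustration.

const PER_PAGE = 15;

// The article's check: is_numeric() + intval(), as in the controller above.
function pageOffsetArticle($segment): int
{
    if (! $segment) {
        return 0;
    }
    return is_numeric($segment) ? intval($segment - 1) * PER_PAGE : 0;
}

// Stricter variant: accept only an integer page in [1, last page].
function pageOffsetStrict($segment, int $totalRows): int
{
    $lastPage = max(1, (int) ceil($totalRows / PER_PAGE));
    $page = filter_var($segment, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 1, 'max_range' => $lastPage],
    ]);
    if ($page === false) {
        $page = 1; // anything else falls back to the first page
    }
    return ($page - 1) * PER_PAGE;
}

$totalRows = 100; // constructed: 100 messages -> 7 pages
$samples = ['3', '-2', '1e3', '1.9', '2 OR 1=1', '7', '8', null];
foreach ($samples as $s) {
    // Negative or oversized offsets appear only in the "article" column.
    printf(
        "%-10s article=%6d strict=%3d\n",
        var_export($s, true),
        pageOffsetArticle($s),
        pageOffsetStrict($s, $totalRows)
    );
}
```

A negative offset would make the LIMIT clause invalid, and an offset past the last row returns an empty page, so clamping the page to the valid range keeps both out of the query.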

I hope this article is helpful to everyone's PHP programming.

