PHP general anti injection program recommended
- 2020-03-31 21:36:12
- OfStack
function jk1986_checksql()
{
$bad_str = "and|select|update|'|delete|insert|*";
$bad_Array = explode("|",$bad_str);
foreach ($bad_Array as $bad_a)
{
foreach ($_GET as $g)
{
if (substr_count(strtolower($g),$bad_a) > 0)
{
echo "<script>alert(' Strange characters , Please do not attempt to inject this site ! The author :Jk1986 QQ:414028660');location.href='index.php';</script>";
exit();
}
}
}
foreach ($bad_Array as $bad_a)
{
foreach ($_POST as $p)
{
if (substr_count(strtolower($p),$bad_a) > 0)
{
echo "<script>alert(' Strange characters , Please do not attempt to inject this site ! The author :Jk1986 QQ:414028660');location.href='index.php';</script>";
exit();
}
}
}
foreach ($bad_Array as $bad_a)
{
foreach ($_COOKIE as $co)
{
if (substr_count(strtolower($co),$bad_a) > 0)
{
echo "<script>alert(' Strange characters , Please do not attempt to inject this site ! The author :Jk1986 QQ:414028660');location.href='index.php';</script>";
exit();
}
}
}
}
Hehe similar to asp and asp. Net ideas, the purpose is to let lazy to improve efficiency