/**
* 安全過濾類-過濾javascript,css,iframes,object等不安全參數(shù) 過濾級(jí)別高
* @param string $value 需要過濾的值
* @return string
*/
function fliter_script($value) {
$value = preg_replace("/(javascript:)?on(click|load|key|mouse|error|abort|move|unload|change|dblclick|move|reset|resize|submit)/i","111n\\2",$value);
$value = preg_replace("/(.*?)\/script>/si","",$value);
$value = preg_replace("/(.*?)\/iframe>/si","",$value);
$value = preg_replace ("http://iesU", '', $value);
return $value;
}
/**
* 安全過濾類-過濾HTML標(biāo)簽
* @param string $value 需要過濾的值
* @return string
*/
function fliter_html($value) {
if (function_exists('htmlspecialchars')) return htmlspecialchars($value);
return str_replace(array("", '"', "'", "", ">"), array("", "\"", "'", "", ">"), $value);
}
/**
* 安全過濾類-對(duì)進(jìn)入的數(shù)據(jù)加下劃線 防止SQL注入
* @param string $value 需要過濾的值
* @return string
*/
function fliter_sql($value) {
$sql = array("select", 'insert', "update", "delete", "\'", "/*",
"../", "./", "union", "into", "load_file", "outfile");
$sql_re = array("","","","","","","","","","","","");
return str_replace($sql, $sql_re, $value);
}
/**
* 安全過濾類-通用數(shù)據(jù)過濾
* @param string $value 需要過濾的變量
* @return string|array
*/
function fliter_escape($value) {
if (is_array($value)) {
foreach ($value as $k => $v) {
$value[$k] = self::fliter_str($v);
}
} else {
$value = self::fliter_str($value);
}
return $value;
}
/**
* 安全過濾類-字符串過濾 過濾特殊有危害字符
* @param string $value 需要過濾的值
* @return string
*/
function fliter_str($value) {
$badstr = array("0", "%00", "r", '', ' ', '"', "'", "", ">", " ", "%3C", "%3E");
$newstr = array('', '', '', '', ' ', '"', ''', "", ">", " ", "", ">");
$value = str_replace($badstr, $newstr, $value);
$value = preg_replace('/((#(\d{3,5}|x[a-fA-F0-9]{4}));)/', '\\1', $value);
return $value;
}
/**
* 私有路勁安全轉(zhuǎn)化
* @param string $fileName
* @return string
*/
function filter_dir($fileName) {
$tmpname = strtolower($fileName);
$temp = array(':/',"0", "..");
if (str_replace($temp, '', $tmpname) !== $tmpname) {
return false;
}
return $fileName;
}
/**
* 過濾目錄
* @param string $path
* @return array
*/
public function filter_path($path) {
$path = str_replace(array("'",'#','=','`','$','%','',';'), '', $path);
return rtrim(preg_replace('/(\/){2,}|(\\\){1,}/', '/', $path), '/');
}
/**
* 過濾PHP標(biāo)簽
* @param string $string
* @return string
*/
public function filter_phptag($string) {
return str_replace(array(''), array('?', '?>'), $string);
}
/**
* 安全過濾類-返回函數(shù)
* @param string $value 需要過濾的值
* @return string
*/
public function str_out($value) {
$badstr = array("", ">", "%3C", "%3E");
$newstr = array("", ">", "", ">");
$value = str_replace($newstr, $badstr, $value);
return stripslashes($value); //下劃線
}
更多關(guān)于CodeIgniter相關(guān)內(nèi)容感興趣的讀者可查看本站專題:《codeigniter入門教程》�����、《CI(CodeIgniter)框架進(jìn)階教程》��、《php優(yōu)秀開發(fā)框架總結(jié)》���、《ThinkPHP入門教程》�����、《ThinkPHP常用方法總結(jié)》�、《Zend FrameWork框架入門教程》�、《php面向?qū)ο蟪绦蛟O(shè)計(jì)入門教程》、《php+mysql數(shù)據(jù)庫操作入門教程》及《php常見數(shù)據(jù)庫操作技巧匯總》
