function jk1986_checksql()
{
$bad_str = "and|select|update|‘|delete|insert|*";
$bad_Array = explode("|",$bad_str);
/** 過濾Get參數 **/
foreach ($bad_Array as $bad_a)
{
foreach ($_GET as $g)
{
if (substr_count(strtolower($g),$bad_a) > 0)
{
echo "";
exit();
}
}
}
/** 過濾Post參數 **/
foreach ($bad_Array as $bad_a)
{
foreach ($_POST as $p)
{
if (substr_count(strtolower($p),$bad_a) > 0)
{
echo "";
exit();
}
}
}
/** 過濾Cookies參數 **/
foreach ($bad_Array as $bad_a)
{
foreach ($_COOKIE as $co)
{
if (substr_count(strtolower($co),$bad_a) > 0)
{
echo "";
exit();
}
}
}
}
呵呵 類似asp和asp.net 思路一樣,目的就是讓懶來提高效率 .88
原文:http://www.jb51.net/article/26386.htm
)
的單詞速記數據庫分析設計與實現...)
)
)
)
