码迷,mamicode.com
首页 > 数据库 > 详细

自定义防SQL注入函数

时间:2014-06-26 18:22:50      阅读:255      评论:0      收藏:0      [点我收藏+]

标签:style   class   blog   code   color   2014   

  /************************************************
    *SQL防注入函数
    *@time 2014年6月24日18:50:59
    *
    */
    public function safe_replace($string){
        $string = str_replace(‘%20‘,‘‘,$string);
        $string = str_replace(‘%27‘,‘‘,$string);
        $string = str_replace(‘%2527‘,‘‘,$string);
        $string = str_replace(‘*‘,‘‘,$string);
        $string = str_replace(‘"‘,‘"‘,$string);
        $string = str_replace("‘",‘‘,$string);
        $string = str_replace(‘"‘,‘‘,$string);
        $string = str_replace(‘;‘,‘‘,$string);
        $string = str_replace(‘<‘,‘&lt;‘,$string);
        $string = str_replace(‘>‘,‘&gt;‘,$string);
        $string = str_replace("{",‘‘,$string);
        $string = str_replace(‘}‘,‘‘,$string);
        $string = str_replace("or","",$string);
        $string = str_replace("=","",$string);
        $string = str_replace("and","",$string);
        $string = str_replace("execute","",$string);
        $string = str_replace("update","",$string);
        $string = str_replace("count","",$string);
        $string = str_replace("chr","",$string);
        $string = str_replace("mid","",$string);
        $string = str_replace("master","",$string);
        $string = str_replace("truncate","",$string);
        $string = str_replace("char","",$string);
        $string = str_replace("declare","",$string);
        $string = str_replace("select","",$string);
        $string = str_replace("create","",$string);
        $string = str_replace("delete","",$string);
        $string = str_replace("insert","",$string);
        return $string;
    }

 

自定义防SQL注入函数,布布扣,bubuko.com

自定义防SQL注入函数

标签:style   class   blog   code   color   2014   

原文地址:http://www.cnblogs.com/zrp2013/p/3808477.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!