php快速查找數(shù)據(jù)庫(kù)中惡意代碼的方法

字號(hào):


    本文實(shí)例講述了php快速查找數(shù)據(jù)庫(kù)中惡意代碼的方法。分享給大家供大家參考。具體如下:
    數(shù)據(jù)庫(kù)被輸入惡意代碼,為了保證你的數(shù)據(jù)庫(kù)的安全,你必須得小心去清理。有了下面一個(gè)超級(jí)方便的功能,即可快速清除數(shù)據(jù)庫(kù)惡意代碼。
    function cleanInput($input) {
    $search = array(
    , // Strip out javascript
    , // Strip out HTML tags
    '@
    ]*?>.*?
    @siU', // Strip style tags properly
    // Strip multi-line comments
    );
    $output = preg_replace($search, '', $input);
    return $output;
    }
    function sanitize($input) {
    if (is_array($input)) {
    foreach($input as $var=>$val) {
    $output[$var] = sanitize($val);
    }
    }
    else {
    if (get_magic_quotes_gpc()) {
    $input = stripslashes($input);
    }
    $input = cleanInput($input);
    $output = mysql_real_escape_string($input);
    }
    return $output;
    }
    // Usage:
    $bad_string = "Hi! It's a good day!";
    $good_string = sanitize($bad_string);
    // $good_string returns "Hi! It\'s a good day!"
    // Also use for getting POST/GET variables
    $_POST = sanitize($_POST);
    $_GET = sanitize($_GET);