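<?php
/**
 * Request filter that rejects GET, POST and COOKIE values matching a deny-list
 * of SQL and script keywords, and records each rejected request in a log file.
 *
 * NOTE(review): a keyword deny-list is a defence-in-depth layer only. It does
 * not replace parameterised queries (PDO / mysqli prepared statements) or
 * context-aware output escaping at the point where the data is used. Only
 * $_GET, $_POST and $_COOKIE values are inspected; parameter names, request
 * headers and raw request bodies are not.
 */
class sqlsafe
{
    // Deny-list applied to query-string values. It also rejects any value
    // containing a single quote.
    private $getfilter = "'|(and|or)\b.+?(>|<|=|in|like)|\/\*.+?\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";

    // Deny-list applied to form-body values.
    private $postfilter = "\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|\/\*.+?\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";

    // Deny-list applied to cookie values (same expression as the POST list).
    private $cookiefilter = "\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|\/\*.+?\*\/|<\s*script\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";

    /**
     * Runs the filter over every GET, POST and COOKIE parameter of the current
     * request as soon as the object is created.
     */
    public function __construct()
    {
        foreach ($_GET as $key => $value) {
            $this->stopattack($key, $value, $this->getfilter);
        }
        foreach ($_POST as $key => $value) {
            $this->stopattack($key, $value, $this->postfilter);
        }
        foreach ($_COOKIE as $key => $value) {
            $this->stopattack($key, $value, $this->cookiefilter);
        }
    }

    /**
     * Checks one request parameter against a deny-list expression; on a hit the
     * request is logged and showmsg() is called.
     *
     * @param string|int   $StrFiltKey   Parameter name (used for the log line only).
     * @param string|array $StrFiltValue Parameter value; arrays are flattened first.
     * @param string       $ArrFiltReq   Regular-expression body, without delimiters.
     */
    public function stopattack($StrFiltKey, $StrFiltValue, $ArrFiltReq)
    {
        // Nested arrays (a[b][c]=...) are concatenated leaf by leaf. A plain
        // implode() would turn an inner array into the word "Array", so its
        // contents would never be inspected.
        $subject = $this->flattenvalue($StrFiltValue);

        $matched = preg_match("/" . $ArrFiltReq . "/is", $subject);
        if ($matched === 0) {
            return;
        }

        $entry = $this->servervalue("REMOTE_ADDR") . " " . date("Y-m-d H:i:s") . " "
            . $this->servervalue("PHP_SELF") . " " . $this->servervalue("REQUEST_METHOD") . " "
            . $StrFiltKey . " " . $subject;

        // preg_match() returns false when PCRE itself fails (for example when
        // one of its limits is exceeded). Comparing with == 1 would let such a
        // value through unchecked, so an errored match is rejected as well and
        // the PCRE error code is recorded.
        if ($matched === false) {
            $entry .= " [pcre_error " . preg_last_error() . "]";
        }

        $this->writeslog($entry);

        // The message tells the user that the submitted parameter is invalid and
        // that the operation has been logged. showmsg() is defined outside this
        // class; presumably it ends the request - confirm against its definition.
        // NOTE(review): the literal looks like it picked up stray romanisation
        // fragments ("(shù)", "(tǒng)"); compare it with the upstream source.
        showmsg('您提交的參數(shù)非法,系統(tǒng)已記錄您的本次操作!','',0,1);
    }

    /**
     * Appends one entry to CACHE_PATH/logs/sql_log.txt.
     *
     * Control characters and backslashes are escaped so that request data
     * containing CR/LF cannot add forged lines to the log.
     *
     * @param string $log Log entry; it may contain attacker-controlled text.
     */
    public function writeslog($log)
    {
        $log_path = CACHE_PATH.'logs'.DIRECTORY_SEPARATOR.'sql_log.txt';
        $line = addcslashes((string) $log, "\0..\37\\\177") . "\r\n";

        // LOCK_EX keeps concurrent requests from interleaving their entries. A
        // failed write is reported through error_log() instead of raising a
        // fatal error on a false file handle.
        if (file_put_contents($log_path, $line, FILE_APPEND | LOCK_EX) === false) {
            error_log('sqlsafe: unable to append to ' . $log_path);
        }
    }

    /**
     * Concatenates every scalar leaf of a (possibly nested) value into one string.
     */
    private function flattenvalue($value)
    {
        if (!is_array($value)) {
            return (string) $value;
        }

        $joined = '';
        foreach ($value as $item) {
            $joined .= $this->flattenvalue($item);
        }

        return $joined;
    }

    /**
     * Returns a $_SERVER entry as a string, or '' when it is absent (e.g. under CLI).
     */
    private function servervalue($name)
    {
        return isset($_SERVER[$name]) ? (string) $_SERVER[$name] : '';
    }
}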
? ??? ?????? ?? ?? ????? ??? ?? ??? ???? ???? ????? SQL ?? ??? ?????. SQL ?? ??? ?? ??? PHP ??? ????????
