
整理了php过滤字符串几个例子

更多 发布于:2015-01-11 17:07
在 PHP 中,过滤特殊字符通常用于保证提交数据的安全,或者用于屏蔽敏感词。下面整理了一些常用的例子,供有需要的读者参考。需要注意:这类黑名单式的字符替换只能作为辅助手段,SQL 查询仍应使用参数化(预处理)语句,输出到页面时应按具体上下文进行转义。
例子
 
我们利用preg_replace与str_ireplace来进行替换操作
 

代码如下
 
 

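/**
 * Trim a value and HTML-encode the characters most often abused in markup.
 *
 * NUL bytes, the literal text "%00" and carriage returns are removed; & " ' < > and the
 * URL-encoded forms %3C / %3E become HTML entities. Numeric character references that were
 * already present (such as &#1234;) are restored after the ampersand pass.
 *
 * The escapes "\x00", "\r", "\"", "\d" and the "\\1" backreference are written out
 * explicitly: the listing as posted had lost its backslashes, which left an invalid string
 * literal and a search entry that would have deleted every letter "r".
 *
 * This is an HTML-context encoder only. It does not make a value safe to place in SQL,
 * shell commands or URLs; use bound parameters and context-specific escaping there.
 *
 * @param mixed $value Raw input; anything empty() (including "0") yields "".
 * @return string Encoded text.
 */
public static function filterStr( $value )
{
    if ( empty( $value ) )
    {
        return "";
    }
    $value = trim( $value );
    // Order matters: "&" is encoded before the other characters so that the entities
    // produced afterwards are not encoded a second time.
    $badstr = array( "\x00", "%00", "\r", "&", "\"", "'", "<", ">", "%3C", "%3E" );
    $newstr = array( "", "", "", "&amp;", "&quot;", "&#39;", "&lt;", "&gt;", "&lt;", "&gt;" );
    $value = str_ireplace( $badstr, $newstr, $value );
    // Undo the ampersand encoding for numeric character references only.
    $value = preg_replace( "/&amp;((#(\\d{3,5}|x[a-fA-F0-9]{4}));)/", "&\\1", $value );
    return $value;
}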
 public static function stripArray( &$_data )
 {
 if ( is_array( $_data ) )
 {
 foreach ( $_data as $_key => $_value )
 {
 $_data[$_key] = trim( self::striparray( $_value ) );
 }
 return $_data;
 }
 return stripslashes( trim( $_data ) );
 }
 
另收藏:
 

代码如下
 
 

 <?php
 class XRequest
 {
 public static function getPost( $name = "" )
 {
 if ( empty( $name ) )
 {
 return $_POST;
 }
 if ( isset( $_POST[$name] ) )
 {
 return $_POST[$name];
 }
 return "";
 }
 public static function getGet( $name = "" )
 {
 if ( empty( $name ) )
 {
 return $_GET;
 }
 if ( isset( $_GET[$name] ) )
 {
 return $_GET[$name];
 }
 return "";
 }
 public static function getCookie( $name = "" )
 {
 if ( $name == "" )
 {
 return $_COOKIE;
 }
 if ( isset( $_COOKIE[$name] ) )
 {
 return $_COOKIE[$name];
 }
 return "";
 }
 public static function getSession( $name = "" )
 {
 if ( $name == "" )
 {
 return $_SESSION;
 }
 if ( isset( $_SESSION[$name] ) )
 {
 return $_SESSION[$name];
 }
 return "";
 }
 public static function fetchEnv( $name = "" )
 {
 if ( $name == "" )
 {
 return $_ENV;
 }
 if ( isset( $_ENV[$name] ) )
 {
 return $_ENV[$name];
 }
 return "";
 }
 public static function getService( $name = "" )
 {
 if ( $name == "" )
 {
 return $_SERVER;
 }
 if ( isset( $_SERVER[$name] ) )
 {
 return $_SERVER[$name];
 }
 return "";
 }
 public static function getPhpSelf( )
 {
 return strip_tags( self::getservice( "PHP_SELF" ) );
 }
 public static function getServiceName( )
 {
 return self::getservice( "SERVER_NAME" );
 }
 public static function getRequestTime( )
 {
 return self::getservice( "REQUEST_TIME" );
 }
 public static function getUserAgent( )
 {
 return self::getservice( "HTTP_USER_AGENT" );
 }
 public static function getUri( )
 {
 return self::getservice( "REQUEST_URI" );
 }
 public static function isPost( )
 {
 if ( strtolower( self::getservice( "REQUEST_METHOD" ) ) == "post" )
 {
 return TRUE;
 }
 return FALSE;
 }
 public static function isGet( )
 {
 if ( strtolower( self::getservice( "REQUEST_METHOD" ) ) == "get" )
 {
 return TRUE;
 }
 return FALSE;
 }
 public static function isAjax( )
 {
 if ( self::getservice( "HTTP_X_REQUESTED_WITH" ) && strtolower( self::getservice( "HTTP_X_REQUESTED_WITH" ) ) == "xmlhttprequest" )
 {
 return TRUE;
 }
 if ( self::getservice( "HTTP_REQUEST_TYPE" ) && strtolower( self::getservice( "HTTP_REQUEST_TYPE" ) ) == "ajax" )
 {
 return TRUE;
 }
 if ( self::getpost( "oe_ajax" ) || self::getget( "oe_ajax" ) )
 {
 return TRUE;
 }
 return FALSE;
 }
 public static function getip( )
 {
 static $realip = NULL;
 if ( isset( $_SERVER ) )
 {
 if ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) )
 {
 $realip = $_SERVER['HTTP_X_FORWARDED_FOR'];
 }
 else if ( isset( $_SERVER['HTTP_CLIENT_IP'] ) )
 {
 $realip = $_SERVER['HTTP_CLIENT_IP'];
 }
 else
 {
 $realip = $_SERVER['REMOTE_ADDR'];
 }
 }
 else if ( getenv( "HTTP_X_FORWARDED_FOR" ) )
 {
 $realip = getenv( "HTTP_X_FORWARDED_FOR" );
 }
 else if ( getenv( "HTTP_CLIENT_IP" ) )
 {
 $realip = getenv( "HTTP_CLIENT_IP" );
 }
 else
 {
 $realip = getenv( "REMOTE_ADDR" );
 }
 $one = "([0-9]|[0-9]{2}|1dd|2[0-4]d|25[0-5])";
 if ( !@preg_match( "/".$one.".".$one.".".$one.".".$one."$/", $realip ) )
 {
 $realip = "0.0.0.0";
 }
 return $realip;
 }
 /**
  * Map path segments of the request URI onto $_GET (written through $GLOBALS['_GET']).
  *
  * The first segment becomes $_GET['c'], the second $_GET['a'], and the remaining segments
  * are read as alternating key/value pairs. Every segment comes from the client-supplied
  * REQUEST_URI and is stored without any filtering, so consumers must validate these
  * values like any other request parameter.
  *
  * @return bool Always TRUE.
  */
 protected static function uri( )
 {
 $uri = self::geturi( );
 // NOTE(review): str_replace() removes every occurrence of the script directory, not only
 // the leading prefix. On Unix-like systems dirname() of a script in the web root is "/",
 // in which case all slashes would be removed before the split below - confirm.
 $file = dirname( $_SERVER['SCRIPT_NAME'] );
 $request = str_replace( $file, "", $uri );
 // NOTE(review): REQUEST_URI normally still carries the query string; nothing here
 // removes it, so it would end up inside the last segment - confirm against callers.
 $request = explode( "/", trim( $request, "/" ) );
 if ( isset( $request[0] ) )
 {
 $GLOBALS['_GET']['c'] = $request[0];
 unset( $request[0] );
 }
 if ( isset( $request[1] ) )
 {
 $GLOBALS['_GET']['a'] = $request[1];
 unset( $request[1] );
 }
 // Only runs when at least two segments remain; a single leftover segment is ignored.
 if ( 1 < count( $request ) )
 {
 $mark = 0;
 $val = $key = array( );
 // Odd positions are collected as keys, even positions as values.
 foreach ( $request as $value )
 {
 ++$mark;
 if ( $mark % 2 == 0 )
 {
 $val[] = $value;
 }
 else
 {
 $key[] = $value;
 }
 }
 // A trailing key without a value is paired with NULL so array_combine() gets equal lengths.
 if ( count( $key ) !== count( $val ) )
 {
 $val[] = NULL;
 }
 $get = array_combine( $key, $val );
 // Keys taken from the path overwrite entries already present in $_GET, including the
 // 'c' and 'a' entries assigned above.
 foreach ( $get as $key => $value )
 {
 $GLOBALS['_GET'][$key] = $value;
 }
 }
 return TRUE;
 }
 public static function getGpc( $value, $isfliter = TRUE )
 {
 if ( !is_array( $value ) )
 {
 if ( isset( $_GET[$value] ) )
 {
 $temp = trim( $_GET[$value] );
 }
 if ( isset( $_POST[$value] ) )
 {
 $temp = trim( $_POST[$value] );
 }
 $temp = $isfliter === TRUE ? XFilter::filterstr( $temp ) : $temp;
 return trim( $temp );
 }
 $temp = array( );
 foreach ( $value as $val )
 {
 if ( isset( $_GET[$val] ) )
 {
 $temp[$val] = trim( $_GET[$val] );
 }
 if ( isset( $_POST[$val] ) )
 {
 $temp[$val] = trim( $_POST[$val] );
 }
 $temp[$val] = $isfliter === TRUE ? XFilter::filterstr( $temp[$val] ) : $temp[$val];
 }
 return $temp;
 }
 public static function getArgs( $value, $default = NULL, $isfliter = TRUE )
 {
 if ( !empty( $value ) )
 {
 if ( isset( $_GET[$value] ) )
 {
 $temp = trim( $_GET[$value] );
 }
 if ( isset( $_POST[$value] ) )
 {
 $temp = trim( $_POST[$value] );
 }
 if ( $isfliter )
 {
 $temp = XFilter::filterstr( $temp );
 }
 else
 {
 $temp = XFilter::striparray( $temp );
 }
 if ( empty( $temp ) && !empty( $default ) )
 {
 $temp = $default;
 }
 return trim( $temp );
 }
 return "";
 }
 public static function getInt( $value, $default = NULL )
 {
 if ( !empty( $value ) )
 {
 if ( isset( $_GET[$value] ) )
 {
 $temp = $_GET[$value];
 }
 if ( isset( $_POST[$value] ) )
 {
 $temp = $_POST[$value];
 }
 $temp = XFilter::filterstr( $temp );
 if ( empty( $temp ) || FALSE === XValid::isnumber( $temp ) )
 {
 if ( TRUE === XValid::isnumber( $default ) )
 {
 $temp = $default;
 }
 else
 {
 $temp = 0;
 }
 }
 return intval( $temp );
 }
 return 0;
 }
 public static function getArray( $value )
 {
 if ( !empty( $value ) )
 {
 if ( isset( $_GET[$value] ) )
 {
 $temp = $_GET[$value];
 }
 if ( isset( $_POST[$value] ) )
 {
 $temp = $_POST[$value];
 }
 return $temp;
 }
 return "";
 }
 public static function recArgs( $value )
 {
 if ( !empty( $value ) )
 {
 if ( isset( $_GET[$value] ) )
 {
 $temp = $_GET[$value];
 }
 if ( isset( $_POST[$value] ) )
 {
 $temp = $_POST[$value];
 }
 return XFilter::filterbadchar( $temp );
 }
 return "";
 }
 public static function getComArgs( $itemname )
 {
 $args = "";
 $array = self::getarray( $itemname );
 if ( !empty( $array ) )
 {
 $ii = 0;
 for ( ; $ii < count( $array ); ++$ii )
 {
 $val = XFilter::filterbadchar( $array[$ii] );
 if ( !empty( $val ) )
 {
 if ( $ii == 0 )
 {
 $args = $val;
 }
 else if ( $args == "" )
 {
 $args = $val;
 }
 else
 {
 $args = $args.",".$val;
 }
 }
 }
 }
 return $args;
 }
 public static function getComInts( $name )
 {
 $args = "";
 $array = self::getarray( $name );
 if ( !empty( $array ) )
 {
 $ii = 0;
 for ( ; $ii < count( $array ); ++$ii )
 {
 $val = intval( XFilter::filterbadchar( $array[$ii] ) );
 if ( !empty( $val ) )
 {
 if ( $ii == 0 )
 {
 $args = $val;
 }
 else if ( $args == "" )
 {
 $args = $val;
 }
 else
 {
 $args = $args.",".$val;
 }
 }
 }
 }
 return $args;
 }
 }
 if ( !defined( "IN_OESOFT" ) )
 {
 exit( "Access Denied" );
 }
 ?>
 <?php
 class XFilter
 {
 public static function filterBadChar( $str )
 {
 if ( empty( $str ) || $str == "" )
 {
 return;
 }
 $badstring = array( "'", """, """, "=", "#", "$", ">", "<", "", "/*", "%", "x00", "%00", "*" );
 $newstring = array( "", "", "", "", "", "", "", "", "", "", "", "", "", "" );
 $str = str_replace( $badstring, $newstring, $str );
 return trim( $str );
 }
 public static function stripArray( &$_data )
 {
 if ( is_array( $_data ) )
 {
 foreach ( $_data as $_key => $_value )
 {
 $_data[$_key] = trim( self::striparray( $_value ) );
 }
 return $_data;
 }
 return stripslashes( trim( $_data ) );
 }
 public static function filterSlashes( &$value )
 {
 if ( get_magic_quotes_gpc( ) )
 {
 return FALSE;
 }
 $value = ( array )$value;
 foreach ( $value as $key => $val )
 {
 if ( is_array( $val ) )
 {
 self::filterslashes( $value[$key] );
 }
 else
 {
 $value[$key] = addslashes( $val );
 }
 }
 }
 public static function filterScript( $value )
 {
 if ( empty( $value ) )
 {
 return "";
 }
 $value = preg_replace( "/(javascript:)?on(click|load|key|mouse|error|abort|move|unload|change|dblclick|move|reset|resize|submit)/i", "&111n2", $value );
 $value = preg_replace( "/<script(.*?)>(.*?)</script>/si", "", $value );
 $value = preg_replace( "/<iframe(.*?)>(.*?)</iframe>/si", "", $value );
 $value = preg_replace( "/<object.+</object>/iesU", "", $value );
 return $value;
 }
 public static function filterHtml( $value )
 {
 if ( empty( $value ) )
 {
 return "";
 }
 if ( function_exists( "htmlspecialchars" ) )
 {
 return htmlspecialchars( $value );
 }
 return str_replace( array( "&", """, "'", "<", ">" ), array( "&amp;", "&quot;", "&#039;", "&lt;", "&gt;" ), $value );
 }
 public static function filterSql( $value )
 {
 if ( empty( $value ) )
 {
 return "";
 }
 $sql = array( "select", "insert", "update", "delete", "'", "/*", "../", "./", "union", "into", "load_file", "outfile" );
 $sql_re = array( "", "", "", "", "", "", "", "", "", "", "", "" );
 return str_ireplace( $sql, $sql_re, $value );
 }
 public static function filterStr( $value )
 {
 if ( empty( $value ) )
 {
 return "";
 }
 $value = trim( $value );
 $badstr = array( "x00", "%00", "r", "&", """, "'", "<", ">", "%3C", "%3E" );
 $newstr = array( "", "", "", "&amp;", "&quot;", "&#39;", "&lt;", "&gt;", "&lt;", "&gt;" );
 $value = str_ireplace( $badstr, $newstr, $value );
 $value = preg_replace( "/&amp;((#(d{3,5}|x[a-fA-F0-9]{4}));)/", "&1", $value );
 return $value;
 }
 public static function filterUrl( )
 {
 if ( preg_replace( "/https?://([^:/]+).*/i", "1", $_SERVER['HTTP_REFERER'] ) !== preg_replace( "/([^:]+).*/", "1", $_SERVER['HTTP_HOST'] ) )
 {
 return FALSE;
 }
 return TRUE;
 }
 public static function filterForbidChar( $content )
 {
 $new_content = $content;
 $forbidargs = X::$cfg['forbidargs'];
 if ( !empty( $forbidargs ) )
 {
 $array = explode( ",", $forbidargs );
 $i = 0;
 for ( ; $i < sizeof( $array ); ++$i )
 {
 $new_content = str_ireplace( $array[$i], "", $content );
 }
 }
 return $new_content;
 }
 public static function checkExistsForbidChar( $content )
 {
 $flag = FALSE;
 $forbidargs = X::$cfg['forbidargs'];
 if ( !empty( $forbidargs ) )
 {
 $array = explode( ",", $forbidargs );
 $i = 0;
 for ( ; $i < sizeof( $array ); ++$i )
 {
 if ( FALSE === strpos( strtolower( $content ), strtolower( $array[$i] ) ) )
 {
 continue;
 }
 $flag = TRUE;
 break;
 }
 }
 return $flag;
 }
 public static function checkExistsForbidUserName( $username )
 {
 $flag = FALSE;
 $forbidargs = X::$cfg['lockusers'];
 if ( !empty( $forbidargs ) )
 {
 $array = explode( ",", $forbidargs );
 $i = 0;
 for ( ; $i < sizeof( $array ); ++$i )
 {
 if ( FALSE === strpos( strtolower( $username ), strtolower( $array[$i] ) ) )
 {
 continue;
 }
 $flag = TRUE;
 break;
 }
 }
 return $flag;
 }
 }
 if ( !defined( "IN_OESOFT" ) )
 {
 exit( "Access Denied" );
 }
 ?>
