php 清除XSS
清除XSS [代码片段(36行)]
/**
*
* 清除XSS
* fc_lamp
* @param $string
* @param $low 安全别级低
* @internal
* clean_xss($_POST);
*/
function clean_xss(&$string, $low = False)
{
if (! is_array ( $string ))
{
$string = trim ( $string );
$string = strip_tags ( $string );
$string = htmlspecialchars ( $string );
if ($low)
{
return True;
}
$string = str_replace ( array ('"', "\\\\", "'", "/", "..", "../", "./", "//" ), '', $string );
$no = '/%0[0-8bcef]/';
$string = preg_replace ( $no, '', $string );
$no = '/%1[0-9a-f]/';
$string = preg_replace ( $no, '', $string );
$no = '/[\\x00-\\x08\\x0B\\x0C\\x0E-\\x1F\\x7F]+/S';
$string = preg_replace ( $no, '', $string );
return True;
}
$keys = array_keys ( $string );
foreach ( $keys as $key )
{
clean_xss ( $string [$key] );
}
}
//该片段来自于http://outofmemory.cn
- 上一篇:php 计算地图上两点间的距离
- 下一篇:如何让CI框架支持service层
精彩图集
精彩文章