<?php
if (!get_magic_quotes_gpc()) {
add_slashes($_GET);
add_slashes($_POST);
add_slashes($_COOKIE);
}
function add_slashes($string) {
if (is_array($string)) {
foreach ($string as $key => $value) {
$string[$key] = add_slashes($value);
}
} else {
$string = addslashes($string);
}
return $string;
}
//php防注入函数,字符过滤函数
//解码
function htmldecode($str)
{
if(empty($str)) return;
if($str=="") return $str;
$str=str_replace("select","select",$str);
$str=str_replace("join","join",$str);
$str=str_replace("union","union",$str);
$str=str_replace("where","where",$str);
$str=str_replace("insert","insert",$str);
$str=str_replace("delete","delete",$str);
$str=str_replace("update","update",$str);
$str=str_replace("like","like",$str);
$str=str_replace("drop","drop",$str);
$str=str_replace("create","create",$str);
$str=str_replace("modify","modify",$str);
$str=str_replace("rename","rename",$str);
$str=str_replace("alter","alter",$str);
$str=str_replace("cas","cast",$str);
$str=str_replace("&","&",$str);
$str=str_replace(">",">",$str);
$str=str_replace("<","<",$str);
$str=str_replace(" ",chr(32),$str);
$str=str_replace(" ",chr(9),$str);
// $str=str_replace(" ",chr(9),$str);
$str=str_replace("&",chr(34),$str);
$str=str_replace("'",chr(39),$str);
$str=str_replace("<br />",chr(13),$str);
$str=str_replace("''","'",$str);
return $str;
}
//编码
function htmlencode($str)
{
if(empty($str)) return;
if($str=="") return $str;
$str=trim($str);
$str=str_replace("&","&",$str);
$str=str_replac
