php 防注入攻击函数
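/*php 防注入函数
string $feifa 限制元素组成
如有非法字符跳转到上一页 返回 0 没有返回 1
注意：关键字黑名单只能作为辅助手段，不能可靠地防止 SQL 注入；查询本身应使用参数化（预处理）语句。
另外，下面代码中 strpos() 在非法字符位于字符串开头时返回 0，if($flag) 会把它当作未命中，应写成 $flag !== false；$HTTP_PSOT_VARS 疑为 $HTTP_POST_VARS 的笔误。
*/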
//使用方法
//$feifa=array("select","delete","from","update","create","destory","drop","alter","and","or","like","exec","count","*","chr","mid","master","truncate","char","declare",";","-","+");
//$arrpostget=array("http://www.baidu.select cretecomdmin","wangw");
//echo saftsql($feifa,$arrpostget);
function saftsql($feifa,$arrpostget){
//
$arrpostget=array_merge((array)$HTTP_PSOT_VARS,(array)$HTTP_GET_VARS);
if($arrpostget){
foreach($arrpostget as $key=>$value){
for($i=0;$i<count($feifa);$i++){
//ÕÒ·Ç·¨×Ö·ûÔÚ$valueÖеÄλÖÃ
$flag=strpos($value,$feifa[$i]);
if($flag)
{
echo "<script
type=\"text/javascript\">alert('URLÓзǷ¨×Ö·û');</script>";
 
相关文档：
<?php
/**
 * Print one greeting line for the given name.
 *
 * Writes a fixed prefix, a second fixed label, the supplied name and an
 * HTML line break straight to the output; nothing is returned.
 *
 * NOTE(review): $fname is concatenated into HTML output without escaping.
 * The calls visible on this page pass fixed literals; if a caller ever
 * passes request data, encode it for the HTML context first.
 * NOTE(review): the two literals look like mis-decoded GBK text; they are
 * kept exactly as found because they are runtime output.
 *
 * @param string $fname Name to append after the fixed label.
 * @return void
 */
function outputMyName($fname) {
    $prefix = "ÎÒµÄÃû×ֽР";
    $nameLine = "ÖÜ " . $fname . "<br />";

    // Passing two arguments to echo emits them back to back, like two echo statements.
    echo $prefix, $nameLine;
}
?>
<html>
<body>
<?php
// Emit one greeting line per name, in the same order as the original three calls.
// array_map is used only for its in-order calls; its return value is discarded.
array_map('outputMyName', array("ʤ³¬", "Óîºã", "ÓîÃË"));
?>
</body>
</html>
结果如下 ......
重要的PHP超级全局变量总结
2008-07-14 16:53:03
标签：全局变量
PHP有9个预定义变量数组，分别总结如下：
1、$_SERVER
$_SERVER超级全局变量包含由web服务器创建的信息 ......
现在市场上的oa基本上可归结为两大阵营，即php阵营和java阵营。但对接触oa不久的用户来说，看到的往往只是它们的表相，只是明显的价格差异，却很难看出它们之间的实际差异。其实， PHP + MYSQL 不值钱不仅仅局限于oa软件，而是整体上PHP + MYSQL开发的软件都不如java开发的软件值钱。为什么PHP + MYSQL 的OA为什么不值钱 ......
今天遇到了一个很奇怪的乱码问题，自己无意中解决了，但不知道是什么原因，只好记下来，防止以后再出现这样的问题。
当我把php语句写到下面的页面头信息之前的时候，这些php输出语句都输出的是乱码，包括用echo输出的js。如：echo "<script languge=javascript> alert('添加成功!');location.href = 'device_add.php ......
一直认为php中字符串比较直接用==来判断还是很方便的,但今天遇到的一个问题,彻底让我明白了使用strcmp的必要性.这个问题很多老手都可能会忽略的.
今天在登录自己做的程序时,在输入验证码后,想直接按小键盘上回车登录(程序检查了回车事件)，结果按回车按成了键盘上回车键旁边小数的那个键,验证码栏就多输入了一个点。由于 ......