php 安全之直接用$获取值而不
$_GET
字符转义,PHP 程序员推荐大家参考下
代码如下
:
<?
function
my_addslashes(
$string
,
$force
= 0) {
!defined('MAGIC_QUOTES_GPC') && define('MAGIC_QUOTES_GPC',
get_magic_quotes_gpc());
if
(!MAGIC_QUOTES_GPC ||
$force
) {
if
(
is_array
(
$string
)) {
foreach
(
$string
as
$key
=>
$val
) {
$string
[
$key
] = my_addslashes(
$val
,
$force
);
}
}
else
{
$string
=
addslashes
(
$string
);
}
}
return
$string
;
}
foreach
(
array
('_COOKIE', '_POST', '_GET')
as
$_request
) {
foreach
($
$_request
as
$_key
=>
$_value
) {
$_key
{0} != '_' && $
$_key
= my_addslashes(
$_value
);
}
}
echo
$urls
;
?>