php防止sql注入之过滤分页参数实例
本文实例讲述了php防止sql注入中过滤分页参数的方法。分享给大家供大家参考。具体分析如下:
就网络安全而言,在网络上不要相信任何输入信息,对于任何输入信息我们都必须进行参数过滤。对此,我们先来看看下面的实例:
复制代码 代码如下:
$this->load->library ( \'pagination\' );
$config [\'base_url\'] = site_url () . \'/guest/show\';
$config [\'total_rows\'] = $c;
$config [\'per_page\'] = $pernum = 15;
$config [\'uri_segment\'] = 3;
$config [\'use_page_numbers\'] = TRUE;
$config [\'first_link\'] = \'第一页\';
$config [\'last_link\'] = \'最后一页\';
$config [\'num_links\'] = 5;
$this->pagination->initialize ( $config );
if (! $this->uri->segment ( 3 )) {
$currentnum = 0;
} else {
$currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum:0;
}
$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1;
if($current_page){
$data [\'title\'] = \'第\'.$current_page.\'页-留言本-防SQL注入测试\';
}
else{
$data [\'title\'] = \'留言本-防SQL注入测试\';
}
$data [\'liuyan\'] = $this->ly->getLy ( $pernum, $currentnum );
$config [\'base_url\'] = site_url () . \'/guest/show\';
$config [\'total_rows\'] = $c;
$config [\'per_page\'] = $pernum = 15;
$config [\'uri_segment\'] = 3;
$config [\'use_page_numbers\'] = TRUE;
$config [\'first_link\'] = \'第一页\';
$config [\'last_link\'] = \'最后一页\';
$config [\'num_links\'] = 5;
$this->pagination->initialize ( $config );
if (! $this->uri->segment ( 3 )) {
$currentnum = 0;
} else {
$currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum:0;
}
$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1;
if($current_page){
$data [\'title\'] = \'第\'.$current_page.\'页-留言本-防SQL注入测试\';
}
else{
$data [\'title\'] = \'留言本-防SQL注入测试\';
}
$data [\'liuyan\'] = $this->ly->getLy ( $pernum, $currentnum );
其中:
复制代码 代码如下:
$current_page=is_numeric($this->uri->segment ( 3 ))?intval($this->uri->segment ( 3 )):1;
$currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum;
$currentnum = is_numeric($this->uri->segment ( 3 ))?(intval($this->uri->segment ( 3 ) - 1)) * $pernum;
这两句判断了参数是否为数字。防止非法字符输入。
希望本文所述对大家的PHP程序设计有所帮助。
本文地址:https://www.stayed.cn/item/11009
转载请注明出处。
本站部分内容来源于网络,如侵犯到您的权益,请 联系我
我的博客
人生若只如初见,何事秋风悲画扇。
我的标签
随笔档案
- 2024-02(2)
- 2023-06(1)
- 2023-05(1)
- 2023-04(14)
- 2023-03(3)
- 2023-01(6)
- 2022-12(5)
- 2022-11(5)
- 2022-07(2)
- 2022-06(4)
- 2022-05(3)
- 2022-03(1)
- 2021-12(6)
- 2021-11(1)
- 2021-10(3)
- 2021-09(5)
- 2021-07(5)
- 2021-02(2)
- 2021-01(7)
- 2020-12(18)
- 2020-11(14)
- 2020-10(12)
- 2020-09(10)
- 2020-08(22)
- 2020-07(2)
- 2020-06(1)
- 2020-04(5)
- 2020-03(9)
- 2020-02(7)
- 2020-01(9)
- 2019-12(8)
- 2019-11(10)
- 2019-10(11)
- 2019-09(17)
- 2019-08(16)
- 2019-07(6)
- 2019-06(3)
- 2019-04(1)
- 2019-03(8)
- 2019-02(5)
- 2019-01(1)
- 2018-11(2)
- 2018-10(3)
- 2018-09(1)
- 2018-08(3)
- 2018-07(3)
- 2018-06(7)
- 2018-04(4)
- 2018-03(5)
- 2018-02(4)
- 2018-01(22)
- 2017-12(3)
- 2017-11(5)
- 2017-10(15)
- 2017-09(26)
- 2017-08(1)
- 2017-07(3)