php过滤$_get 和$_post参数，以防止注入的代码，有需要的朋友，可以参考下。完整代码如下。
$value){if(!is_array($value)){$value = get_magic_quotes_gpc()?$value:addslashes($value);$array[$key]=filterhtml($value);}else{add_s($array[$key]);}}return $array;}function glstr($var) {if (is_array($var)) {return add_s($var);}elseif(strlen($var)){$var = get_magic_quotes_gpc()?$var:addslashes($var);$var = filterhtml($var);}return $var;}function filterhtml($html){$farr = array(/]*?)>/eis,/]*?)>/eis,/]*?>)/isu,//过滤javascript的on事件/\s+/,//过滤多余的空白);$tarr = array(,,,\\1\\4, ,);$html = preg_replace( $farr,$tarr,$html);return $html;}if (sizeof($_get)) {foreach($_get as $key => $value) {$_get[$key] = glstr($value); //}}if (sizeof($_post)) {foreach($_post as $key => $value) {$_post[$key] = glstr($value); //}}?>