function inject_check($sql_str) { return eregi('select|insert|and|or|update|delete|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file|outfile', $sql_str);}if (inject_check($_server['query_string'])==1 or inject_check(file_get_contents(php://input))==1){ //echo 警告 非法访问!; header(location: error.php);}
复制代码
function inject_check($sql_str) { return preg_match('/select|insert|and|or|update|delete|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file|outfile/i', $sql_str);}if (inject_check($_server['query_string'])==1 or inject_check(file_get_contents(php://input))==1){ //echo 警告 非法访问!; header(location: error.php); exit;}
复制代码