php安全之直接用$获取值而不$_GET 字符转义

时间:2022-02-27 09:05:53

代码如下:


<? 
function my_addslashes($string, $force = 0) { 
!defined('MAGIC_QUOTES_GPC') && define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc()); 
if(!MAGIC_QUOTES_GPC || $force) { 
if(is_array($string)) { 
foreach($string as $key => $val) { 
$string[$key] = my_addslashes($val, $force); 

} else { 
$string = addslashes($string); 


return $string; 

foreach(array('_COOKIE', '_POST', '_GET') as $_request) { 
foreach($$_request as $_key => $_value) { 
$_key{0} != '_' && $$_key = my_addslashes($_value); 


echo $urls; 
?>