zhuxianfei.com

首页 > 编程技术 > php

php 符转换为 HTML 实体

发布时间:2016-11-25 15:25

function d_htmlspecialchars($string) {
 if(is_array($string)) {
  foreach($string as $key => $val) {
   $string[$key] = d_htmlspecialchars($val);
  }
 } else {
  $string = str_replace('&', '&', $string);
  $string = str_replace('"', '"', $string);
  $string = str_replace(''', ''', $string);
  $string = str_replace('<', '&lt;', $string);
  $string = str_replace('>', '&gt;', $string);
  $string = preg_replace('/&amp;(#d;)/', '&1', $string);
 }
 return $string;
}
我们提供了三个函数不来过滤一些特殊的字符,主要是利用php把sql敏感字符串给过滤掉了,好了下面来看看这款代码吧。有需要的朋友拿去看看。

function phps教程ql_show($str){
 $str = stripslashes($str);
 $str = str_replace("&#92;", "", $str);
 $str = str_replace("&#47;", "/", $str);
 $str = str_replace("&#32;", " ", $str);
 $str = str_replace("&#44;", ",", $str);
 return $str;
}
function phpsql_post($str){
 $str = stripslashes($str);
 $str = str_replace("|", "&#124;", $str);
 $str = str_replace("<", "&#60;", $str);
 $str = str_replace(">", "&#62;", $str);
 $str = str_replace("&nbsp;", "&#32;", $str);
 $str = str_replace(" ", "&#32;", $str);
 $str = str_replace("(", "&#40;", $str);
 $str = str_replace(")", "&#41;", $str);
 $str = str_replace("`", "&#96;", $str);
 //$str = str_replace("'", "&#39;", $str);
 $str = str_replace('"', "&#34;", $str);
 $str = str_replace(",", "&#44;", $str);
 $str = str_replace("$", "&#36;", $str);
 $str = str_replace("", "&#92;", $str);
 $str = str_replace("/", "&#47;", $str);
 return $str;
}
function phpsql_replace($str){
 $str = stripslashes($str);
 $str = str_replace("'", "&#39;", $str);
 return $str;
}

function d_addslashes($string, $force = 0) {
 if(!$globals['magic_quotes_gpc'] || $force) {
  if(is_array($string)) {
   foreach($string as $key => $val) $string[$key] = d_addslashes($val, $force);
  }
  else $string = addslashes($string);
 }
 return $string;
}

    function url_this(){
        $url = "http://".$_server ["http_host"].$_server["request_uri"];
        $return_url = "<a href='$url'>$url</a>";
        return $return_url;
    }

//跳转函数
function url_redirect($url,$delay=''){
 if($delay == ''){
  echo "<script>window.location.href='$url'</script>";
 }else{
  echo "<meta http-equiv='refresh' content='$delay;url=$url' />";
 }

}

} //end func

最近网站经常被攻击,后来想到了一个利用php来防止网站受攻击的办法,下面是我的代码,代码不是最好的,根据自己的需求来做,下面来看看我的代码。

/*
*网站防ip攻击代码(anti-ip attack code website)2010-11-20,ver2.0
*mydalle.com anti-refresh mechanism
*design by www.111cn.net
*/

<?php
//查询禁止ip
$ip =$_server['remote_addr'];
$fileht=".htaccess2";
if(!file_exists($fileht))file_put_contents($fileht,"");
$filehtarr=@file($fileht);
if(in_array($ip."rn",$filehtarr))die("warning:"."<br>"."your ip address are forbided by mydalle.com anti-refresh mechanism, if you have any question pls emill to shop@mydalle.com!<br>(mydalle.com anti-refresh mechanism is to enable users to have a good shipping services, but there maybe some inevitable network problems in your ip address, so that you can mail to us to solve.)");

//加入禁止ip
$time=time();
$fileforbid="log/forbidchk.dat";
if(file_exists($fileforbid))
{ if($time-filemtime($fileforbid)>30)unlink($fileforbid);
else{
$fileforbidarr=@file($fileforbid);
if($ip==substr($fileforbidarr[0],0,strlen($ip)))
{
if($time-substr($fileforbidarr[1],0,strlen($time))>120)unlink($fileforbid);
elseif($fileforbidarr[2]>120){file_put_contents($fileht,$ip."rn",file_append);unlink($fileforbid);}
else{$fileforbidarr[2]++;file_put_contents($fileforbid,$fileforbidarr);}
}
}
}
//防刷新
$str="";
$file="log/ipdate.dat";
if(!file_exists("log")&&!is_dir("log"))mkdir("log",0777);
if(!file_exists($file))file_put_contents($file,"");
$allowtime = 60;//防刷新时间
$allownum=5;//防刷新次数
$uri=$_server['request_uri'];
$checkip=md5($ip);
$checkuri=md5($uri);
$yesno=true;
$ipdate=@file($file);
foreach($ipdate as $k=>$v)
{ $iptem=substr($v,0,32);
$uritem=substr($v,32,32);
$timetem=substr($v,64,10);
$numtem=substr($v,74);
if($time-$timetem<$allowtime){
if($iptem!=$checkip)$str.=$v;
else{
$yesno=false;
if($uritem!=$checkuri)$str.=$iptem.$checkuri.$time."1rn";
elseif($numtem<$allownum)$str.=$iptem.$uritem.$timetem.($numtem+1)."rn";
else
{
if(!file_exists($fileforbid)){$addforbidarr=array($ip."rn",time()."rn",1);file_put_contents($fileforbid,$addforbidarr);}
file_put_contents("log/forbided_ip.log",$ip."--".date("y-m-d h:i:s",time())."--".$uri."rn",file_append);
$timepass=$timetem+$allowtime-$time;
die("warning:"."<br>"."pls don't refresh too frequently, and wait for ".$timepass." seconds to continue, if not your ip address will be forbided automatic by mydalle.com anti-refresh mechanism!<br>(mydalle.com anti-refresh mechanism is to enable users to have a good shipping services, but there maybe some inevitable network problems in your ip address, so that you can mail to us to solve.)");
}
}
}
}
if($yesno) $str.=$checkip.$checkuri.$time."1rn";
file_put_contents($file,$str);
?>

标签:[!--infotagslink--]

您可能感兴趣的文章: