Shulou(Shulou.com)06/03 Report--

This article introduces what php injection records need to pay attention to, the content is very detailed, interested friends can refer to, I hope it can be helpful to you.

Common acquisition variables

$GET$_POST $_ COOKIE $_ SERVER

Is_numeric (), ctype_digit () regular expression / / determines whether it is a number, and the latter function is converted to a number.

Mysql_real_escape_string () / / connect to the database first or do not convert the character injection so that you can convert it.

Addslashes () / / Digital injection

Lesson er:

Union should be consistent

When magic_quotes_gpc=on is enabled in php.ini, characters can be translated to prevent injection.

Echo $_ SERVER ['QUREY_STRING']; return? The character after the sign

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.