最近不是在折腾论坛嘛,各种类各种函数,原创一些,从别人那儿qiang过来一些,在此分享出来,希望有朋友能用的到~
注意:部分函数可能不够完善,由此造成的漏洞风险自担~
提交过滤
function filter($text){ //完全过滤注释 $text = preg_replace('//', '', $text); //完全过滤js $text = preg_replace('//', '', $text); //过滤危险的属性,如:过滤on事件lang js while (preg_match('/(<]+/i', $text, $mat)) { $text = str_replace($mat[0], $mat[1], $text); } while (preg_match('/(<]*)/i', $text, $mat)) { $text = str_replace($mat[0], $mat[1] . $mat[3], $text); } //过滤多余html $text = preg_replace('//i', '', $text); //反转换 $text = str_replace('[', '', $text); $text = str_replace('|', '', $text); return $text;}
提交过滤2
function stripslashes_array(&$array){ while (list($key, $var) = each($array)) { if ($key != 'argc' && $key != 'argv' && (strtoupper($key) != $key || '' . intval($key) == $key)) { if (is_string($var)) { $array[$key] = stripslashes($var); } if (is_array($var)) { $array[$key] = stripslashes_array($var); } } } return $array;}
字符串截取(这个是emlog里提出来的,其实也就是substr的增强版)
function substring($strings, $start, $length){ if (function_exists('mb_substr') && function_exists('mb_strlen')) { $sub_str = mb_substr($strings, $start, $length, 'utf8'); return mb_strlen($sub_str, 'utf8') < mb_strlen($strings, 'utf8') ? $sub_str . '...' : $sub_str; } $str = substr($strings, $start, $length); $char = 0; for ($i = 0; $i = 128) $char++; } $str2 = substr($strings, $start, $length + 1); $str3 = substr($strings, $start, $length + 2); if ($char % 3 == 1) { if ($length <= strlen($strings)) { $str3 = $str3 .= '...'; } return $str3; } if ($char % 3 == 2) { if ($length <= strlen($strings)) { $str2 = $str2 .= '...'; } return $str2; } if ($char % 3 == 0) { if ($length <= strlen($strings)) { $str = $str .= '...'; } return $str; }}
ip地址匿名化(最后一位替换为星号)
function anonymousip() { $ip = getip(); if ($ip == unknown) { $removed_ip = 未知用户; } if (strpos($ip, :)) { $removed_ip = ipv6用户; } else { $reg1 = '/((?:\d+\.){3})\d+/'; $reg2 = '~(\d+)\.(\d+)\.(\d+)\.(\d+)~'; $removed_ip = preg_replace($reg1, \\1*, $ip); } return $removed_ip;}
获取客户端ip地址
function getip(){ if (@$_server[http_x_forwarded_for]) $ip = $_server[http_x_forwarded_for]; else if (@$_server[http_client_ip]) $ip = $_server[http_client_ip]; else if (@$_server[remote_addr]) $ip = $_server[remote_addr]; else if (@getenv(http_x_forwarded_for)) $ip = getenv(http_x_forwarded_for); else if (@getenv(http_client_ip)) $ip = getenv(http_client_ip); else if (@getenv(remote_addr)) $ip = getenv(remote_addr); else $ip = unknown; return $ip;}
字符串加密(支持中文)
function dencrypt($string, $isencrypt = true, $key = youdian){ if (!isset($string{0}) || !isset($key{0})) { return false; } $dynkey = $isencrypt ? hash('sha1', microtime(true)) : substr($string, 0, 40); $fixedkey = hash('sha1', $key); $dynkeypart1 = substr($dynkey, 0, 20); $dynkeypart2 = substr($dynkey, 20); $fixedkeypart1 = substr($fixedkey, 0, 20); $fixedkeypart2 = substr($fixedkey, 20); $key = hash('sha1', $dynkeypart1 . $fixedkeypart1 . $dynkeypart2 . $fixedkeypart2); $string = $isencrypt ? $fixedkeypart1 . $string . $dynkeypart2 : (isset($string{339}) ? gzuncompress(base64_decode(substr($string, 40))) : base64_decode(substr($string, 40))); $n = 0; $result = ''; $len = strlen($string); for ($n = 0; $n 299 ? gzcompress($result) : $result)) : substr($result, 20, -20);}
检查字符串是否包含中文
function checkchinese($string){ if (preg_match(/[\x7f-\xff]/, $string)) { return true; } else { return false; }}
隐藏文件真实路径
function fileheaderjump($file){ header('content-description: file transfer'); header('content-type: application/octet-stream'); header('content-disposition: attachment; filename=' . basename($file)); header('content-transfer-encoding: binary'); header('expires: 0'); header('cache-control: must-revalidate, post-check=0, pre-check=0'); header('pragma: public'); header('content-length: ' . filesize($file)); ob_clean(); flush(); readfile($file); exit;}
生成随机字符串,自定义长度
function createrandomstring($length){ $chars = 'abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz0123456789'; $password = ; for ($i = 0; $i < $length; $i++) { $password .= $chars[mt_rand(0, strlen($chars) - 1)]; } return $password;}