php 安全过滤代码
<?php
/**
* @name date safe class 0.1
* @author kevin xu
* @copyright kenvin E-mail:gincn@cn.cashboxparty.com MSN:gincn@live.cn
*/
interface dateSafe{
function gincn();
}
class safe extends doSafe implements dateSafe
{
public $safe;
function __construct($safe)
{
parent::__construct($safe); //调用父类构造函数,网友javachen找出来的错误
$this->safe = $safe;
}
function gincn()
{
$this->safe = parent::xss($this->safe);
$this->safe = parent::sql($this->safe);
return $this->safe;
}
}
class doSafe
{
protected $str;
function __construct($str)
{
$this->str = $str;
}
function xss()
{
$this->str = trim($this->str); //清理空格字符
$this->str = nl2br($this->str); //将换行符转化为<br />
$this->str = strip_tags($this->str); //过滤文本中的HTML标签
$this->str = htmlspecialchars($this->str); //将文本中的内容转换为HTML实体
$this->str = addslashes($this->str); //加入字符转义
return $this->str;
}
function sql()
{
$this->str = mysql_escape_string($this->str);
return $this->str;
}
}
?>
PHP之友评论