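/**
 * Initialise the $_GET, $_POST and $_COOKIE values (labelled "XSSClean" by the author).
 *
 * Every value is replaced by the result of String::specialchars_decode(),
 * except for keys listed in $rawKeys, whose values are left exactly as received.
 *
 * NOTE(review): the helper is named "decode" while this method is described as
 * an XSS clean-up; confirm what String::specialchars_decode() actually does
 * before relying on this as output protection. Values under $rawKeys get no
 * processing here, so the code that renders or stores them has to validate and
 * encode them itself.
 *
 * @return void
 */
public function _initRGPC()
{
    // Keys whose values are deliberately passed through untouched.
    $rawKeys = array('http_referer');

    // PHP stores numeric parameter names as integer keys. With a loose
    // in_array(), integer 0 compares equal to any non-numeric string on
    // PHP < 8, so such a key would be treated as a raw key and skipped.
    // Each lookup below therefore casts the key to string and compares strictly.
    foreach ($_GET as $key => $value) {
        if (in_array((string) $key, $rawKeys, true)) {
            continue;
        }
        $_GET[$key] = String::specialchars_decode($value);
    }

    foreach ($_POST as $key => $value) {
        if (in_array((string) $key, $rawKeys, true)) {
            continue;
        }
        $_POST[$key] = String::specialchars_decode($value);
    }

    foreach ($_COOKIE as $key => $value) {
        if (in_array((string) $key, $rawKeys, true)) {
            continue;
        }
        $_COOKIE[$key] = String::specialchars_decode($value);
    }
}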
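/**
 * Initialise the $_GET, $_POST and $_COOKIE values (labelled "XSSClean" by the author).
 *
 * Every value is replaced by the result of String::specialchars_decode(),
 * except for keys listed in $rawKeys, whose values are left exactly as received.
 *
 * NOTE(review): the helper is named "decode" while this method is described as
 * an XSS clean-up; confirm what String::specialchars_decode() actually does
 * before relying on this as output protection.
 *
 * NOTE(review): the pass-through list covers keys whose names suggest raw
 * markup, script and URL fields (presumably intentional; confirm). Nothing in
 * this method processes those values, and the list applies to $_GET, $_POST
 * and $_COOKIE alike, so every consumer of these keys has to validate and
 * encode them for its own output context.
 *
 * @return void
 */
public function _initRGPC()
{
    // Keys whose values are deliberately passed through untouched.
    $rawKeys = array(
        'http_referer',
        'content',
        'show_code',
        'stat_code',
        'powerby',
        'jump_url',
        'menu_url',
        'advert_url',
        'html_style',
        'html_script',
        'html_head',
        'html_body',
    );

    // PHP stores numeric parameter names as integer keys. With a loose
    // in_array(), integer 0 compares equal to any non-numeric string on
    // PHP < 8, so such a key would be treated as a raw key and skipped.
    // Each lookup below therefore casts the key to string and compares strictly.
    foreach ($_GET as $key => $value) {
        if (in_array((string) $key, $rawKeys, true)) {
            continue;
        }
        $_GET[$key] = String::specialchars_decode($value);
    }

    foreach ($_POST as $key => $value) {
        if (in_array((string) $key, $rawKeys, true)) {
            continue;
        }
        $_POST[$key] = String::specialchars_decode($value);
    }

    foreach ($_COOKIE as $key => $value) {
        if (in_array((string) $key, $rawKeys, true)) {
            continue;
        }
        $_COOKIE[$key] = String::specialchars_decode($value);
    }
}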
/**
 * Cut a string by display width rather than by character count.
 *
 * To keep page layout even, a multi-byte character (e.g. a Chinese character)
 * counts as two units and a single-byte character as one. When the third
 * argument is negative, the length defaults to the byte length of the
 * (encoded) input.
 *
 * The input is passed through String::specialchars_encode() before counting
 * and the cut piece through String::specialchars_decode() afterwards.
 * NOTE(review): widths and byte offsets are measured on the encoded string, so
 * if the encoder expands characters into longer sequences a cut could land
 * inside one of them; confirm against the String helper.
 *
 * @param string  $input  text to cut
 * @param integer $start  starting position in display-width units
 * @param integer $length number of display-width units to keep; < 0 means "to the end"
 * @return string the cut piece, or '' when the encoded input is empty
 */
public function substr($input, $start = 0, $length = -1)
{
    $input = String::specialchars_encode($input);
    // Byte length of the encoded input, not a character count.
    $iptLen = strlen($input);
    if ($iptLen <= 0) {
        return '';
    }

    if ($length < 0) {
        $length = $iptLen;
    }

    // $end is the width count at which scanning stops; it is bumped by one
    // when the cut starts at position 0.
    $end = $start + $length;
    if ($start == 0) {
        $end++;
    }

    // $pos: current byte offset; $charLen: value returned by charlen() for the
    // character just read; $noc: accumulated display width so far.
    $pos = $charLen = $noc = 0;
    // True until the start position has been located.
    $posLessStart = true;
    while ($pos < $iptLen) {
        // charlen() receives only the byte at $pos; presumably it derives the
        // character's byte length from that lead byte (confirm in charlen()).
        $charLen = $this->charlen($input[$pos]);
        // Always advance by at least one byte so the loop terminates even when
        // charlen() reports a non-positive length.
        $pos += $charLen > 0 ? $charLen : 1;
        // Width: 2 for a multi-byte character, 1 for a single byte, 0 otherwise.
        $noc += $charLen > 1 ? 2 : ($charLen > 0 ? 1 : 0);

        if ($posLessStart && $noc >= $start) {
            // From here on $start is reused as a BYTE offset into $input.
            // The comparison is strict, so a non-integer $start never takes
            // the first branch.
            if ($noc === $start) {
                // Width landed exactly on the start: begin after this character.
                $start = $pos;
            } else {
                // Width overshot the start: begin at this character and
                // shorten the window by one unit.
                $start = $pos - $charLen;
                $end--;
            }

            $posLessStart = false;
        }

        if ($noc >= $end) {
            break;
        }
    }

    // The last character pushed the width past $end: step back over it so it
    // is left out of the result.
    if ($noc > $end) {
        $pos -= $charLen;
    }

    // Unqualified substr() here is PHP's built-in byte-wise function, not this method.
    $output = substr($input, $start, $pos - $start);
    $output = String::specialchars_decode($output);
    return $output;
}