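/**
 * Request trip-wire: terminates the request when any key or value in
 * $request contains one of a fixed set of SQL keywords followed by whitespace.
 *
 * This is a keyword blacklist, not a sanitiser. It can only ever flag the six
 * listed keywords and it produces false positives on ordinary text (the value
 * "select one of the items" is rejected). Parameterised queries in the data
 * layer remain the actual SQL defence; a hit here is a signal worth logging,
 * not proof of an attack.
 *
 * @param array $request  Request data such as $_REQUEST; nested arrays are
 *                        walked recursively. Taken by reference only for
 *                        compatibility with existing callers — it is never
 *                        modified.
 * @return void           On a match the script ends via die() with a 400
 *                        status; otherwise the function returns normally.
 */
function filter_injection(&$request)
{
    // Single-quoted so the regex reads as written; the compiled pattern is
    // byte-identical to the previous double-quoted "[\\s]" form.
    $pattern = '/(select[\s])|(insert[\s])|(update[\s])|(delete[\s])|(from[\s])|(where[\s])/i';

    foreach ($request as $key => $value) {
        // Keys come from the request as well, so they are checked too. The
        // (string) cast keeps int keys / non-string scalars off the deprecated
        // implicit-coercion path of preg_match(); preg_match() errors (false)
        // are treated as "no match", exactly as the old truthiness test did.
        if (preg_match($pattern, (string) $key) === 1) {
            // A blocked request must not look like a success to the client,
            // proxies or monitoring.
            http_response_code(400);
            die("SQL Injection denied!");
        }

        if (is_array($value)) {
            filter_injection($value);
        } elseif (preg_match($pattern, (string) $value) === 1) {
            http_response_code(400);
            die("SQL Injection denied!");
        }
    }
}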
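<?php
require_once 'common.php';

// Keyword trip-wire over the whole request before anything else runs. This is
// defence in depth only; the real SQL protection has to live in the query layer.
filter_injection($_REQUEST);

// Runtime directories for the template engine (template caches and compiled
// templates).
$runtimeDir = APP_ROOT_PATH . 'public/runtime/app/';

// NOTE(review): 0777 is the original, world-writable mode (mkdir() applies the
// process umask on top of it). 0755 is normally sufficient when the web-server
// user owns the directory; tighten once the deployment's ownership model is
// confirmed.
$runtimeDirMode = 0777;

foreach ([$runtimeDir, $runtimeDir . 'tpl_caches/', $runtimeDir . 'tpl_compiled/'] as $dir) {
    // is_dir() rather than file_exists(): a stray regular file of that name must
    // not silently skip creation. recursive=true also creates a missing
    // public/runtime/ parent instead of failing with a warning. mkdir()'s own
    // warning stays the failure signal, as before.
    if (!is_dir($dir)) {
        mkdir($dir, $runtimeDirMode, true);
    }
}

// Expose the app root to templates. $IMG_APP_ROOT is a global that templates
// or later includes presumably read — verify before removing it.
$GLOBALS['tmpl']->assign("APP_ROOT", APP_ROOT);
$IMG_APP_ROOT = APP_ROOT;

// Same paths as the directories created above, without the trailing slash.
$GLOBALS['tmpl']->cache_dir = $runtimeDir . 'tpl_caches';
$GLOBALS['tmpl']->compile_dir = $runtimeDir . 'tpl_compiled';
$GLOBALS['tmpl']->template_dir = APP_ROOT_PATH . 'app/Tpl/' . app_conf("TEMPLATE");

// Template paths for the view layer: TMPL is built from get_domain() and
// APP_ROOT (presumably the URL form), TMPL_REAL from APP_ROOT_PATH (the
// filesystem form). The original also carried a "define current language pack"
// comment here, but no language-pack setup follows in this file.
$tmpl_path = get_domain() . APP_ROOT . "/app/Tpl/";
$GLOBALS['tmpl']->assign("TMPL", $tmpl_path . app_conf("TEMPLATE"));
$GLOBALS['tmpl']->assign("TMPL_REAL", APP_ROOT_PATH . "app/Tpl/" . app_conf("TEMPLATE"));

// Page / step sizes used by the front-end listings. Not guarded with
// defined(), so including this file twice raises the same redefinition warning
// it always did.
define("DEAL_PAGE_SIZE", 60);
define("DEAL_STEP_SIZE", 4);
define("DEALUPDATE_PAGE_SIZE", 15);
define("DEALUPDATE_STEP_SIZE", 5);
define("DEAL_COMMENT_PAGE_SIZE", 40);
define("DEAL_SUPPORT_PAGE_SIZE", 20);
define("ACCOUNT_PAGE_SIZE", 10);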