function filter_injection(&$request)
{
    $pattern = "/(select[\\s])|(insert[\\s])|(update[\\s])|(delete[\\s])|(from[\\s])|(where[\\s])/i";
    foreach ($request as $k => $v) {
        if (preg_match($pattern, $k, $match)) {
            die("SQL Injection denied!");
        }
        if (is_array($v)) {
            filter_injection($v);
        } else {
            if (preg_match($pattern, $v, $match)) {
                die("SQL Injection denied!");
            }
        }
    }
}
Exemplo n.º 2
0
<?php

require_once 'common.php';
filter_injection($_REQUEST);
if (!file_exists(APP_ROOT_PATH . 'public/runtime/app/')) {
    mkdir(APP_ROOT_PATH . 'public/runtime/app/', 0777);
}
//输出根路径
$GLOBALS['tmpl']->assign("APP_ROOT", APP_ROOT);
$IMG_APP_ROOT = APP_ROOT;
if (!file_exists(APP_ROOT_PATH . 'public/runtime/app/tpl_caches/')) {
    mkdir(APP_ROOT_PATH . 'public/runtime/app/tpl_caches/', 0777);
}
if (!file_exists(APP_ROOT_PATH . 'public/runtime/app/tpl_compiled/')) {
    mkdir(APP_ROOT_PATH . 'public/runtime/app/tpl_compiled/', 0777);
}
$GLOBALS['tmpl']->cache_dir = APP_ROOT_PATH . 'public/runtime/app/tpl_caches';
$GLOBALS['tmpl']->compile_dir = APP_ROOT_PATH . 'public/runtime/app/tpl_compiled';
$GLOBALS['tmpl']->template_dir = APP_ROOT_PATH . 'app/Tpl/' . app_conf("TEMPLATE");
//定义当前语言包
//定义模板路径
$tmpl_path = get_domain() . APP_ROOT . "/app/Tpl/";
$GLOBALS['tmpl']->assign("TMPL", $tmpl_path . app_conf("TEMPLATE"));
$GLOBALS['tmpl']->assign("TMPL_REAL", APP_ROOT_PATH . "app/Tpl/" . app_conf("TEMPLATE"));
define("DEAL_PAGE_SIZE", 60);
define("DEAL_STEP_SIZE", 4);
define("DEALUPDATE_PAGE_SIZE", 15);
define("DEALUPDATE_STEP_SIZE", 5);
define("DEAL_COMMENT_PAGE_SIZE", 40);
define("DEAL_SUPPORT_PAGE_SIZE", 20);
define("ACCOUNT_PAGE_SIZE", 10);