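/**
 * Normalise one request parameter and hand it to PARAM_VAILD().
 *
 * The value is trimmed, stripped of HTML tags, HTML-entity encoded and
 * backslash-escaped, in that order, and the escaped string is returned.
 * A missing (null) or array-valued parameter is treated as absent:
 * PARAM_VAILD() receives null and '' is returned.
 *
 * NOTE(review): this is a blanket input filter, not context-aware output
 * encoding. addslashes() is not charset-aware and is no substitute for
 * prepared statements if the result reaches a SQL query. The value is also
 * already entity-encoded, so it must not be encoded again when rendered.
 *
 * @param mixed $str    Raw value, typically taken from $_GET / $_POST.
 * @param array $option Rules forwarded unchanged to PARAM_VAILD(). Keys such
 *                      as 'max', 'type' and 'values' appear at a call site;
 *                      their exact meaning is defined by PARAM_VAILD().
 * @return string Escaped value, or '' when the parameter is absent.
 */
function ANTI_SPAM($str, $option = array())
{
    // A client can send name[]=x, which makes the parameter an array.
    // trim() then warns and yields null on old PHP, and throws a TypeError
    // on PHP 8. Treat it as a missing parameter instead.
    if (is_array($str)) {
        $str = null;
    }

    if (!isset($str)) {
        PARAM_VAILD($str, $option);
        return '';
    }

    $str = trim($str);              // trim surrounding whitespace
    $str = strip_tags($str);        // strip HTML tags
    // Convert special characters to HTML entities. With default flags,
    // single quotes are only encoded on PHP >= 8.1 (ENT_QUOTES default).
    $str = htmlspecialchars($str);
    $str = addslashes($str);        // backslash-escape ' " \ and NUL

    // NOTE(review): validation runs on the escaped string, so any length or
    // pattern rule in PARAM_VAILD() sees the expanded form. Confirm intended.
    PARAM_VAILD($str, $option);

    return $str;
}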
$his_weibo = ANTI_SPAM($_POST['his_weibo']); $address = ANTI_SPAM($_POST['address']); $comment = ANTI_SPAM($_POST['comment']); echo MES_Lover::add($name, $my_weibo, $mobile, $his_weibo, $address, $comment); } else { if ($action == 'get_all') { echo MES_Lover::get_all(); } else { if ($action == 'page') { $smarty->display('huodongpage.dwt'); } else { if ($action == 'admin') { $smarty->display('huodongadmin.dwt'); } else { header("Location: 404.html"); } } } } break; case 'test': $str = ANTI_SPAM($_GET['str']); PARAM_VAILD($str, array('max' => 10, 'type' => 'number', 'values' => array(1, 2, 4))); break; case 'token': echo GEN_MES_TOKEN(); break; default: header("Location: 404.html"); break; }