Home Explore Help
Register Sign In
PH
/
heyu
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 091d953872
Branches Tags
heyu
/
Application
/
Common
/
Conf
/
secure.php

secure.php 10.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271 
  1. <?php
    2. 

  2. if (!empty($_POST)) $_POST = wjSec($_POST);
    3. 

  3. if (!empty($_GET)) $_GET = wjSec($_GET);
    4. 

  4. if (!empty($_COOKIE)) $_COOKIE = wjSec($_COOKIE);
    5. 

  5. if (!empty($_SESSION)) $_SESSION = wjSec($_SESSION);
    6. 

  6. if (!empty($_FILES)) $_FILES = wjSec($_FILES);
    7. 

  7. 

  8. function wjSec(&$array) {
    9. 

  9.     if (is_array($array)) {
    10. 

  10.         foreach ($array as $k => $v) {
    11. 

  11.             if (($k == 'addr' && strlen($v) == 34) || $k == 'content') {
    12. 

  12.                 $array [$k] = $v;
    13. 

  13.             } else {
    14. 

  14.                 $array [$k] = wjSec($v);
    15. 

  15.             }
    16. 

  16.         }
    17. 

  17.     } else if (is_numeric($array)) {
    18. 

  18.         $array = wjStrFilter($array, 0, 0);
    19. 

  19.     } else {
    20. 

  20.         $array = wjStrFilter($array);
    21. 

  21.     }
    22. 

  22.     return $array;
    23. 

  23. }
    24. 

  24. 

  25. function wjStrFilter($str, $pi_Def = "", $pi_iType = 1) {
    26. 

  26. 

  27.     if (isset($_GET[$str]))
    28. 

  28.         $str = trim($_GET[$str]);
    29. 

  29.     else if (isset($_POST[$str]))
    30. 

  30.         $str = trim($_POST[$str]);
    31. 

  31.     else if ($str)
    32. 

  32.         $str = trim($str);
    33. 

  33.     else
    34. 

  34.         return $pi_Def;
    35. 

  35.     // INT
    36. 

  36.     if ($pi_iType == 0) {
    37. 

  37.         if (is_numeric($str))
    38. 

  38.             return $str;
    39. 

  39.         else
    40. 

  40.             return $pi_Def;
    41. 

  41.     }
    42. 

  42. 

  43. //  echo $str;
    44. 

  44. 

  45.     // String
    46. 

  46.     if ($str) {
    47. 

  47.         $str = str_replace('%20', '', $str);
    48. 

  48.         $str = str_replace('%27', '', $str);
    49. 

  49.         $str = str_replace('%2527', '', $str);
    50. 

  50.         $str = str_replace('*', '', $str);
    51. 

  51.         $str = str_replace('"', '&quot;', $str);
    52. 

  52.         $str = str_replace("'", '', $str);
    53. 

  53.         $str = str_replace('"', '', $str);
    54. 

  54.         $str = str_replace('<', '&lt;', $str);
    55. 

  55.         $str = str_replace('>', '&gt;', $str);
    56. 

  56.         $str = str_replace("{", '', $str);
    57. 

  57.         $str = str_replace('}', '', $str);
    58. 

  58.         $str = str_replace('#', '', $str);
    59. 

  59.         $str = str_replace('--', '', $str);
    60. 

  60.         $str = str_replace('%', '', $str);
    61. 

  61. 

  62.         $str = preg_replace("/insert/i", "", $str);
    63. 

  63.         $str = preg_replace("/update/i", "", $str);
    64. 

  64.         $str = preg_replace("/delete/i", "", $str);
    65. 

  65.         $str = preg_replace("/select/i", "", $str);
    66. 

  66.         $str = preg_replace("/drop/i", "", $str);
    67. 

  67.         $str = preg_replace("/load_file/i", "", $str);
    68. 

  68.         $str = preg_replace("/outfile/i", "", $str);
    69. 

  69.         $str = preg_replace("/into/i", "", $str);
    70. 

  70.         $str = preg_replace("/exec/i", "", $str);
    71. 

  71.         $str = preg_replace("/tw_/i", "", $str);
    72. 

  72.         $str = preg_replace("/union/i", "", $str);
    73. 

  73.         $str = preg_replace("/%/i", "", $str);
    74. 

  74. 

  75.         if (get_magic_quotes_gpc()) {
    76. 

  76.             $str = str_replace("\\\"", "&quot;", $str);
    77. 

  77.             $str = str_replace("\\''", "&#039;", $str);
    78. 

  78.         } else {
    79. 

  79.             $str = addslashes($str);
    80. 

  80.             $str = str_replace("\"", "&quot;", $str);
    81. 

  81.             $str = str_replace("'", "&#039;", $str);
    82. 

  82.         }
    83. 

  83.         $str = mysql_escape_string($str);
    84. 

  84.         $str = RemoveXSS($str);
    85. 

  85.         $str = RemoveWJ($str);
    86. 

  86.     }
    87. 

  87.     return $str;
    88. 

  88. }
    89. 

  89. 

  90. 

  91. function RemoveXSS($val) {
    92. 

  92.     // remove all non-printable characters. CR(0a) and LF(0b) and TAB(9) are allowed
    93. 

  93.     // this prevents some character re-spacing such as <java\0script>
    94. 

  94.     // note that you have to handle splits with \n, \r, and \t later since they *are* allowed in some inputs
    95. 

  95.     //$val = preg_replace('/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/', '', $val);
    96. 

  96. 

  97.     // straight replacements, the user should never need these since they're normal characters
    98. 

  98.     // this prevents like <IMG SRC=@avascript:alert('XSS')>
    99. 

  99.     $search = 'abcdefghijklmnopqrstuvwxyz';
    100. 

  100.     $search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    101. 

  101.     $search .= '1234567890!@#$%^&*()';
    102. 

  102.     $search .= '~`";:?+/={}[]-|\'\\';
    103. 

  103.     for ($i = 0; $i < strlen($search); $i++) {
    104. 

  104.         // ;? matches the ;, which is optional
    105. 

  105.         // 0{0,7} matches any padded zeros, which are optional and go up to 8 chars
    106. 

  106. 

  107.         // @ @ search for the hex values
    108. 

  108.         $val = preg_replace('/(&#[xX]0{0,8}' . dechex(ord($search[$i])) . ';?)/i', $search[$i], $val); // with a ;
    109. 

  109.         // @ @ 0{0,7} matches '0' zero to seven times
    110. 

  110.         $val = preg_replace('/(�{0,8}' . ord($search[$i]) . ';?)/', $search[$i], $val); // with a ;
    111. 

  111.     }
    112. 

  112. 

  113.     // now the only remaining whitespace attacks are \t, \n, and \r
    114. 

  114.     $ra1 = ['javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base'];
    115. 

  115.     $ra2 = ['onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload'];
    116. 

  116.     $ra = array_merge($ra1, $ra2);
    117. 

  117. 

  118.     $found = true; // keep replacing as long as the previous round replaced something
    119. 

  119.     while ($found == true) {
    120. 

  120.         $val_before = $val;
    121. 

  121.         for ($i = 0; $i < sizeof($ra); $i++) {
    122. 

  122.             $pattern = '/';
    123. 

  123.             for ($j = 0; $j < strlen($ra[$i]); $j++) {
    124. 

  124.                 if ($j > 0) {
    125. 

  125.                     $pattern .= '(';
    126. 

  126.                     $pattern .= '(&#[xX]0{0,8}([9ab]);)';
    127. 

  127.                     $pattern .= '|';
    128. 

  128.                     $pattern .= '|(�{0,8}([9|10|13]);)';
    129. 

  129.                     $pattern .= ')*';
    130. 

  130.                 }
    131. 

  131.                 $pattern .= $ra[$i][$j];
    132. 

  132.             }
    133. 

  133.             $pattern .= '/i';
    134. 

  134.             $replacement = substr($ra[$i], 0, 2) . '<x>' . substr($ra[$i], 2); // add in <> to nerf the tag
    135. 

  135.             $val = preg_replace($pattern, $replacement, $val); // filter out the hex tags
    136. 

  136.             if ($val_before == $val) {
    137. 

  137.                 // no replacements were made, so exit the loop
    138. 

  138.                 $found = false;
    139. 

  139.             }
    140. 

  140.         }
    141. 

  141.     }
    142. 

  142.     return $val;
    143. 

  143. }
    144. 

  144. 

  145. function RemoveWJ($val) {
    146. 

  146. 

  147.     $val = fliter_script($val);
    148. 

  148.     $val = fliter_html($val);
    149. 

  149.     $val = fliter_sql($val);
    150. 

  150.     $val = fliter_str($val);
    151. 

  151.     $val = filter_dir($val);
    152. 

  152.     $val = filter_path($val);
    153. 

  153.     $val = filter_phptag($val);
    154. 

  154.     $val = str_out($val);
    155. 

  155. 

  156. 

  157.     return $val;
    158. 

  158. }
    159. 

  159. 

  160. /**
    161. 

  161.  * 安全过滤类-过滤javascript,css,iframes,object等不安全参数 过滤级别高
    162. 

  162.  * Controller中使用方法:$this->controller->fliter_script($value)
    163. 

  163.  * @param string $value 需要过滤的值
    164. 

  164.  * @return string
    165. 

  165.  */
    166. 

  166. function fliter_script($value) {
    167. 

  167.     $value = preg_replace("/(javascript:)?on(click|load|key|mouse|error|abort|move|unload|change|dblclick|move|reset|resize|submit)/i", "&111n\\2", $value);
    168. 

  168.     $value = preg_replace("/(.*?)<\/script>/si", "", $value);
    169. 

  169.     $value = preg_replace("/(.*?)<\/iframe>/si", "", $value);
    170. 

  170.     $value = preg_replace("//iesU", '', $value);
    171. 

  171.     return $value;
    172. 

  172. }
    173. 

  173. 

  174. /**
    175. 

  175.  * 安全过滤类-过滤HTML标签
    176. 

  176.  * Controller中使用方法:$this->controller->fliter_html($value)
    177. 

  177.  * @param string $value 需要过滤的值
    178. 

  178.  * @return string
    179. 

  179.  */
    180. 

  180. function fliter_html($value) {
    181. 

  181. 

  182. //    return $value;
    183. 

  183.     if (function_exists('htmlspecialchars')) {
    184. 

  184.         return htmlspecialchars($value);
    185. 

  185. //        $b = htmlspecialchars_decode($a);
    186. 

  186. //        return $a;
    187. 

  187.     } else {
    188. 

  188.         return str_replace(["&", '"', "'", "<", ">"], ["&", "\"", "'", "<", ">"], $value);
    189. 

  189.     }
    190. 

  190. }
    191. 

  191. 

  192. /**
    193. 

  193.  * 安全过滤类-对进入的数据加下划线 防止SQL注入
    194. 

  194.  * Controller中使用方法:$this->controller->fliter_sql($value)
    195. 

  195.  * @param string $value 需要过滤的值
    196. 

  196.  * @return string
    197. 

  197.  */
    198. 

  198. function fliter_sql($value) {
    199. 

  199.     $sql = ["select", 'insert', "update", "delete", "\'", "\/\*",
    200. 

  200.         "\.\.\/", "\.\/", "union", "into", "load_file", "outfile"];
    201. 

  201.     $sql_re = ["", "", "", "", "", "", "", "", "", "", "", ""];
    202. 

  202.     return str_replace($sql, $sql_re, $value);
    203. 

  203. }
    204. 

  204. 

  205. 

  206. /**
    207. 

  207.  * 安全过滤类-字符串过滤 过滤特殊有危害字符
    208. 

  208.  * Controller中使用方法:$this->controller->fliter_str($value)
    209. 

  209.  * @param string $value 需要过滤的值
    210. 

  210.  * @return string
    211. 

  211.  */
    212. 

  212. function fliter_str($value) {
    213. 

  213.     $badstr = ["\0", "%00", "\r", '&', ' ', '"', "'", "<", ">", " ", "%3C", "%3E"];
    214. 

  214.     $newstr = ['', '', '', '&', ' ', '"', "'", "<", ">", " ", "<", ">"];
    215. 

  215.     $value = str_replace($badstr, $newstr, $value);
    216. 

  216.     $value = preg_replace('/&((#(\d{3,5}|x[a-fA-F0-9]{4}));)/', '&\\1', $value);
    217. 

  217. 

  218.     return $value;
    219. 

  219. }
    220. 

  220. 

  221. /**
    222. 

  222.  * 私有路劲安全转化
    223. 

  223.  * Controller中使用方法:$this->controller->filter_dir($fileName)
    224. 

  224.  * @param string $fileName
    225. 

  225.  * @return string
    226. 

  226.  */
    227. 

  227. function filter_dir($fileName) {
    228. 

  228.     $tmpname = strtolower($fileName);
    229. 

  229.     $temp = [':/', "\0", ".."];
    230. 

  230.     if (str_replace($temp, '', $tmpname) !== $tmpname) {
    231. 

  231.         return false;
    232. 

  232.     }
    233. 

  233.     return $fileName;
    234. 

  234. }
    235. 

  235. 

  236. /**
    237. 

  237.  * 过滤目录
    238. 

  238.  * Controller中使用方法:$this->controller->filter_path($path)
    239. 

  239.  * @param string $path
    240. 

  240.  * @return array
    241. 

  241.  */
    242. 

  242. function filter_path($path) {
    243. 

  243.     $path = str_replace(["'", '#', '=', '`', '$', '%', '&'], '', $path);
    244. 

  244.     return rtrim(preg_replace('/(\/){2,}|(\\\){1,}/', '/', $path), '/');
    245. 

  245. }
    246. 

  246. 

  247. /**
    248. 

  248.  * 过滤PHP标签
    249. 

  249.  * Controller中使用方法:$this->controller->filter_phptag($string)
    250. 

  250.  * @param string $string
    251. 

  251.  * @return string
    252. 

  252.  */
    253. 

  253. function filter_phptag($string) {
    254. 

  254.     return str_replace([''], ['<?', '?>'], $string);
    255. 

  255. }
    256. 

  256. 

  257. /**
    258. 

  258.  * 安全过滤类-返回函数
    259. 

  259.  * Controller中使用方法:$this->controller->str_out($value)
    260. 

  260.  * @param string $value 需要过滤的值
    261. 

  261.  * @return string
    262. 

  262.  */
    263. 

  263. function str_out($value) {
    264. 

  264.     $badstr = ["<", ">", "%3C", "%3E"];
    265. 

  265.     $newstr = ["<", ">", "<", ">"];
    266. 

  266.     $value = str_replace($newstr, $badstr, $value);
    267. 

  267. 

  268.     return stripslashes($value); //下划线
    269. 

  269. }
    270. 

  270. 

  271. ?>
    272.