php安全之直接用$获取值而不$_GET 字符转义

1. 
   
2. <?
   
3. function my_addslashes($string, $force = 0) {
   
4. !defined('MAGIC_QUOTES_GPC') && define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
   
5. if(!MAGIC_QUOTES_GPC || $force) {
   
6. if(is_array($string)) {
   
7. foreach($string as $key => $val) {
   
8. $string[$key] = my_addslashes($val, $force);
   
9. }
   
10. } else {
    
11. $string = addslashes($string);
    
12. }
    
13. }
    
14. return $string;
    
15. }
    
16. foreach(array('_COOKIE', '_POST', '_GET') as $_request) {
    
17. foreach($$_request as $_key => $_value) {
    
18. $_key{0} != '_' && $$_key = my_addslashes($_value);
    
19. }
    
20. }
    
21. echo $urls;
    
22. ?>
    

复制代码