PHP 清理$ _SERVER全局变量

Posted 2021-05-14

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了PHP 清理$ _SERVER全局变量相关的知识，希望对你有一定的参考价值。

// Clean URL Function, prevents entities in server globals
function cleanurl($url) {
	$bad_entities = array(&quot;&amp;&quot;, &quot;\&quot;&quot;, &quot;'&quot;, '\&quot;', &quot;\'&quot;, &quot;&lt;&quot;, &quot;&gt;&quot;, &quot;(&quot;, &quot;)&quot;, &quot;*&quot;);
	$safe_entities = array(&quot;&amp;amp;&quot;, &quot;&quot;, &quot;&quot;, &quot;&quot;, &quot;&quot;, &quot;&quot;, &quot;&quot;, &quot;&quot;, &quot;&quot;, &quot;&quot;);
	$url = str_replace($bad_entities, $safe_entities, $url);
	return $url;
}

// Sanitise $_SERVER globals
$_SERVER['PHP_SELF'] = cleanurl($_SERVER['PHP_SELF']);
$_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) ? cleanurl($_SERVER['QUERY_STRING']) : &quot;&quot;;
$_SERVER['REQUEST_URI'] = isset($_SERVER['REQUEST_URI']) ? cleanurl($_SERVER['REQUEST_URI']) : &quot;&quot;;
$PHP_SELF = cleanurl($_SERVER['PHP_SELF']);

以上是关于PHP 清理$ _SERVER全局变量的主要内容，如果未能解决你的问题，请参考以下文章