

PHP Sanitize::sanitize方法代碼示例

本文整理匯總了PHP中Sanitize::sanitize方法的典型用法代碼示例。如果您正苦於以下問題:PHP Sanitize::sanitize方法的具體用法?PHP Sanitize::sanitize怎麽用?PHP Sanitize::sanitize使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在Sanitize的用法示例。


在下文中一共展示了Sanitize::sanitize方法的2個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。注意:兩個示例均出自PHP-Vulnerability-test-suite項目的CWE-89(SQL注入)測試用例,不宜當作可直接沿用的安全寫法。

示例1: __construct

/**
 * Holds one input value and escapes it with mysql_real_escape_string().
 *
 * mysql_real_escape_string() belongs to ext/mysql, which was removed in PHP 7.0.
 * Its output is only meaningful inside a quoted SQL string literal: it does not
 * validate identifiers (table or column names) or unquoted numeric values, and it
 * does not encode the value for HTML output.
 */
class Sanitize
{
    /** @var mixed Value passed to the constructor; replaced by its escaped form once sanitize() has run. */
    private $value;

    /**
     * @param mixed $input Raw value to hold; it is stored unchanged.
     */
    public function __construct($input)
    {
        $this->value = $input;
    }

    /**
     * @return mixed The held value: raw until sanitize() is called, escaped afterwards.
     */
    public function getData()
    {
        return $this->value;
    }

    /**
     * Replaces the held value with the result of mysql_real_escape_string().
     *
     * The function escapes relative to the character set of the current MySQL link,
     * so a connection should already be open when this runs. It returns false on
     * failure, and that false is then what getData() hands back.
     *
     * @return void
     */
    public function sanitize()
    {
        $escaped = mysql_real_escape_string($this->value);
        $this->value = $escaped;
    }
}
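// $tainted is assigned before this excerpt begins and is treated as untrusted input.

// Open the connection before escaping: mysql_real_escape_string() escapes relative to
// the character set of the current link, so it must not run before a link exists.
// The credentials are the sample's placeholders; real ones belong in configuration
// kept outside the document root.
$conn = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if ($conn === false) {
    // Error details go to the server log; the client only sees a generic message.
    error_log('mysql_connect failed: ' . mysql_error());
    exit('Database unavailable.');
}
if (!mysql_select_db('dbname', $conn)) {
    error_log('mysql_select_db failed: ' . mysql_error($conn));
    mysql_close($conn);
    exit('Database unavailable.');
}

$sanitizer = new Sanitize($tainted);
$sanitizer->sanitize();
$tainted = $sanitizer->getData();
if ($tainted === false) {
    // mysql_real_escape_string() returns false on failure; do not build a query from it.
    error_log('mysql_real_escape_string failed: ' . mysql_error($conn));
    mysql_close($conn);
    exit('Invalid input.');
}

// NOTE(review): the value is used where a table name is expected. Escaping only protects
// a quoted string literal; a table name should be checked against a fixed list of
// permitted tables instead. MySQL normally reads single-quoted text as a string literal
// rather than an identifier, so this statement is likely rejected as written.
$query = sprintf("SELECT * FROM '%s'", $tainted);

// The query text contains the untrusted value, so it is HTML-encoded before being echoed
// (assumes the page is served as UTF-8).
echo "query : " . htmlspecialchars($query, ENT_QUOTES, 'UTF-8') . "<br /><br />";

$res = mysql_query($query, $conn);
if ($res === false) {
    error_log('mysql_query failed: ' . mysql_error($conn));
} else {
    while ($data = mysql_fetch_array($res)) {
        // Row contents are data, not markup: encode them for the HTML response as well.
        echo htmlspecialchars(print_r($data, true), ENT_QUOTES, 'UTF-8');
        echo "<br />";
    }
}
mysql_close($conn);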
開發者ID:stivalet,項目名稱:PHP-Vulnerability-test-suite,代碼行數:31,代碼來源:CWE_89__POST__object-func_mysql_real_escape_stringGetter__select_from-sprintf_%s_simple_quote.php

示例2: sanitize

MODIFICATIONS.*/
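// Reads the untrusted value from /tmp/tainted.txt by running `more` as a child process.
// Descriptors 0 and 1 are pipes; the child's stderr is appended to a fixed file under /tmp.
// NOTE(review): fixed, predictable paths under /tmp can be pre-created by other local
// users. Confirm this is acceptable where the sample runs.
$descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("file", "/tmp/error-output.txt", "a"));
$cwd = '/tmp';
// Default value so later code never reads an undefined variable when the child cannot be started.
$tainted = '';
$process = proc_open('more /tmp/tainted.txt', $descriptorspec, $pipes, $cwd, NULL);
if (is_resource($process)) {
    // Nothing is sent to the child, so its stdin is closed straight away.
    fclose($pipes[0]);
    $output = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    // Pipes are closed before proc_close(), which waits for the child to exit.
    $return_value = proc_close($process);
    if ($output !== false) {
        $tainted = $output;
    }
}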
/**
 * Stateless wrapper around mysql_real_escape_string() (ext/mysql, removed in PHP 7.0).
 */
class Sanitize
{
    /**
     * Escapes a value for use inside a quoted SQL string literal.
     *
     * The result is not suitable for identifiers, unquoted numeric positions or HTML
     * output. mysql_real_escape_string() escapes relative to the character set of the
     * current MySQL link, so a connection should be open before this is called.
     *
     * @param mixed $input Value to escape.
     * @return string|false Escaped string, or false when mysql_real_escape_string() fails.
     */
    public function sanitize($input)
    {
        $escaped = mysql_real_escape_string($input);

        return $escaped;
    }
}
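// $tainted is assigned before this point and is treated as untrusted input.

// Open the connection before escaping: mysql_real_escape_string() escapes relative to
// the character set of the current link, so it must not run before a link exists.
// The credentials are the sample's placeholders; real ones belong in configuration
// kept outside the document root.
$conn = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if ($conn === false) {
    // Error details go to the server log; the client only sees a generic message.
    error_log('mysql_connect failed: ' . mysql_error());
    exit('Database unavailable.');
}
if (!mysql_select_db('dbname', $conn)) {
    error_log('mysql_select_db failed: ' . mysql_error($conn));
    mysql_close($conn);
    exit('Database unavailable.');
}

$temp = new Sanitize();
$tainted = $temp->sanitize($tainted);
if ($tainted === false) {
    // mysql_real_escape_string() returns false on failure; do not build a query from it.
    error_log('mysql_real_escape_string failed: ' . mysql_error($conn));
    mysql_close($conn);
    exit('Invalid input.');
}

// The escaped value sits inside a single-quoted literal, the only context in which
// mysql_real_escape_string() applies. A prepared statement (mysqli or PDO) would remove
// the dependency on quoting and on the connection character set.
// NOTE(review): the spaces inside the quotes become part of the compared value. Confirm
// that this is intended.
$query = "SELECT lastname, firstname FROM drivers, vehicles WHERE drivers.id = vehicles.ownerid AND vehicles.tag=' {$tainted} '";

// The query text contains the untrusted value, so it is HTML-encoded before being echoed
// (assumes the page is served as UTF-8).
echo "query : " . htmlspecialchars($query, ENT_QUOTES, 'UTF-8') . "<br /><br />";

$res = mysql_query($query, $conn);
if ($res === false) {
    error_log('mysql_query failed: ' . mysql_error($conn));
} else {
    while ($data = mysql_fetch_array($res)) {
        // Row contents are data, not markup: encode them for the HTML response as well.
        echo htmlspecialchars(print_r($data, true), ENT_QUOTES, 'UTF-8');
        echo "<br />";
    }
}
mysql_close($conn);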
開發者ID:stivalet,項目名稱:PHP-Vulnerability-test-suite,代碼行數:31,代碼來源:CWE_89__proc_open__object-func_mysql_real_escape_string__join-interpretation_simple_quote.php


注:本文中的Sanitize::sanitize方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。