Skip to content
Permalink
Browse files

改进think_filter方法

  • Loading branch information...
liu21st committed Apr 14, 2018
1 parent 977806d commit 7e47e34af72996497c90c20bcfa3b2e1cedd7fa4
Showing with 9 additions and 9 deletions.
  1. +9 −9 ThinkPHP/Common/functions.php
@@ -332,16 +332,16 @@ function I($name, $default = '', $filter = null, $datas = null)
break;
case 'param':
switch ($_SERVER['REQUEST_METHOD']) {
case 'POST':
case 'POST':
$input = $_POST;
break;
case 'PUT':
case 'PUT':
if (is_null($_PUT)) {
parse_str(file_get_contents('php://input'), $_PUT);
}
$input = $_PUT;
break;
default:
default:
$input = $_GET;
}
break;
@@ -419,19 +419,19 @@ function I($name, $default = '', $filter = null, $datas = null)
}
if (!empty($type)) {
switch (strtolower($type)) {
case 'a': // 数组
case 'a': // 数组
$data = (array) $data;
break;
case 'd': // 数字
case 'd': // 数字
$data = (int) $data;
break;
case 'f': // 浮点
case 'f': // 浮点
$data = (float) $data;
break;
case 'b': // 布尔
case 'b': // 布尔
$data = (boolean) $data;
break;
case 's':// 字符串
case 's': // 字符串
default:
$data = (string) $data;
}
@@ -1749,7 +1749,7 @@ function think_filter(&$value)
// TODO 其他安全过滤
// 过滤查询特殊字符
if (preg_match('/^(EXP|NEQ|GT|EGT|LT|ELT|OR|XOR|LIKE|NOTLIKE|NOT BETWEEN|NOTBETWEEN|BETWEEN|NOTIN|NOT IN|IN)$/i', $value)) {
if (preg_match('/^(EXP|NEQ|GT|EGT|LT|ELT|OR|XOR|LIKE|NOTLIKE|NOT BETWEEN|NOTBETWEEN|BETWEEN|NOTIN|NOT IN|IN|BIND)$/i', $value)) {
$value .= ' ';
}
}

0 comments on commit 7e47e34

Please sign in to comment.
You can’t perform that action at this time.