分享自定义的几个PHP功能函数
最近不是在折腾论坛嘛,各种类各种函数,原创一些,从别人那儿qiang过来一些,在此分享出来,希望有朋友能用的到~
注意:部分函数可能不够完善,由此造成的漏洞风险自担~
提交过滤
functionfilter($text) { //完全过滤注释 $text=preg_replace('/<!--?.*-->/','',$text); //完全过滤js $text=preg_replace('/<script?.*\/script>/','',$text); //过滤危险的属性,如:过滤on事件langjs while(preg_match('/(<[^><]+)(lang|action|background|codebase|dynsrc|lowsrc)[^><]+/i',$text,$mat)){ $text=str_replace($mat[0],$mat[1],$text); } while(preg_match('/(<[^><]+)(window\.|javascript:|js:|about:|file:|document\.|vbs:|cookie)([^><]*)/i',$text,$mat)){ $text=str_replace($mat[0],$mat[1].$mat[3],$text); } //过滤多余html $text=preg_replace('/<\/?(html|head|meta|link|base|basefont|body|bgsound|script|form|iframe|frame|frameset|applet|id|ilayer|layer|name|script|xml)[^><]*>/i','',$text); //反转换 $text=str_replace('[','<',$text); $text=str_replace(']','>',$text); $text=str_replace('|','"',$text); return$text; }
提交过滤2
functionstripslashes_array(&$array) { while(list($key,$var)=each($array)){ if($key!='argc'&&$key!='argv'&&(strtoupper($key)!=$key||''.intval($key)=="$key")){ if(is_string($var)){ $array[$key]=stripslashes($var); } if(is_array($var)){ $array[$key]=stripslashes_array($var); } } } return$array; }
字符串截取(这个是emlog里提出来的,其实也就是substr的增强版)
functionsubString($strings,$start,$length) { if(function_exists('mb_substr')&&function_exists('mb_strlen')){ $sub_str=mb_substr($strings,$start,$length,'utf8'); returnmb_strlen($sub_str,'utf8')<mb_strlen($strings,'utf8')?$sub_str.'...':$sub_str; } $str=substr($strings,$start,$length); $char=0; for($i=0;$i<strlen($str);$i++){ if(ord($str[$i])>=128) $char++; } $str2=substr($strings,$start,$length+1); $str3=substr($strings,$start,$length+2); if($char%3==1){ if($length<=strlen($strings)){ $str3=$str3.='...'; } return$str3; } if($char%3==2){ if($length<=strlen($strings)){ $str2=$str2.='...'; } return$str2; } if($char%3==0){ if($length<=strlen($strings)){ $str=$str.='...'; } return$str; } }
IP地址匿名化(最后一位替换为星号)
functionAnonymousIP() { $ip=GetIP(); if($ip=="Unknown"){ $removed_ip="未知用户"; } if(strpos($ip,":")){ $removed_ip="IPv6用户"; }else{ $reg1='/((?:\d+\.){3})\d+/'; $reg2='~(\d+)\.(\d+)\.(\d+)\.(\d+)~'; $removed_ip=preg_replace($reg1,"\\1*",$ip); } return$removed_ip; }
获取客户端IP地址
functionGetIP() { if(@$_SERVER["HTTP_X_FORWARDED_FOR"]) $ip=$_SERVER["HTTP_X_FORWARDED_FOR"]; elseif(@$_SERVER["HTTP_CLIENT_IP"]) $ip=$_SERVER["HTTP_CLIENT_IP"]; elseif(@$_SERVER["REMOTE_ADDR"]) $ip=$_SERVER["REMOTE_ADDR"]; elseif(@getenv("HTTP_X_FORWARDED_FOR")) $ip=getenv("HTTP_X_FORWARDED_FOR"); elseif(@getenv("HTTP_CLIENT_IP")) $ip=getenv("HTTP_CLIENT_IP"); elseif(@getenv("REMOTE_ADDR")) $ip=getenv("REMOTE_ADDR"); else $ip="Unknown"; return$ip; }
字符串加密(支持中文)
functiondencrypt($string,$isEncrypt=true,$key="youdian") { if(!isset($string{0})||!isset($key{0})){ returnfalse; } $dynKey=$isEncrypt?hash('sha1',microtime(true)):substr($string,0,40); $fixedKey=hash('sha1',$key); $dynKeyPart1=substr($dynKey,0,20); $dynKeyPart2=substr($dynKey,20); $fixedKeyPart1=substr($fixedKey,0,20); $fixedKeyPart2=substr($fixedKey,20); $key=hash('sha1',$dynKeyPart1.$fixedKeyPart1.$dynKeyPart2.$fixedKeyPart2); $string=$isEncrypt?$fixedKeyPart1.$string.$dynKeyPart2:(isset($string{339})?gzuncompress(base64_decode(substr($string,40))):base64_decode(substr($string,40))); $n=0; $result=''; $len=strlen($string); for($n=0;$n<$len;$n++){ $result.=chr(ord($string{$n})^ord($key{$n%40})); } return$isEncrypt?$dynKey.str_replace('=','',base64_encode($n>299?gzcompress($result):$result)):substr($result,20,-20); }
检查字符串是否包含中文
functionCheckChinese($string) { if(preg_match("/[\x7f-\xff]/",$string)){ returntrue; }else{ returnfalse; } }
隐藏文件真实路径
functionFileHeaderJump($file) { header('Content-Description:FileTransfer'); header('Content-Type:application/octet-stream'); header('Content-Disposition:attachment;filename='.basename($file)); header('Content-Transfer-Encoding:binary'); header('Expires:0'); header('Cache-Control:must-revalidate,post-check=0,pre-check=0'); header('Pragma:public'); header('Content-Length:'.filesize($file)); ob_clean(); flush(); readfile($file); exit; }
生成随机字符串,自定义长度
functionCreateRandomString($length) { $chars='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; $password=""; for($i=0;$i<$length;$i++){ $password.=$chars[mt_rand(0,strlen($chars)-1)]; } return$password; }