$fiter = array(
"‘|(and|or)\\b.+?(>|<|=|in|like)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)",
"\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)"
);
$query = array($_REQUEST,$_REQUEST);
foreach ($fiter as $key => $value) {
foreach ($query as $_k => $_v) {
foreach ($_v as $__k => $__v) {
if (preg_match(‘/‘.$value.‘/is‘, $__v))
{
header(‘Location: /‘);
}
}
}
}
原文:http://www.cnblogs.com/Jerry-blog/p/4974578.html