I wrote this function to clean and convert incoming GET and POST parameters. The clean function contains:
if (get_magic_quotes_gpc())
{
$str = stripslashes($str);
}
$str = mysql_real_escape_string($str);
$search = array('"', "\"", "'", "\'", "\\", "", ")", "$", "}","{", "`", "´");
$str = str_replace($search, "",$str);
The problem is: even with no GET or POST parameters, it takes 1.0108 seconds on my dual-core 1.6 GHz laptop with 4 GB of RAM.
//this to avoid undefined variables
$variableList = array(
"action" => "get",
"site" => "get",
"lng" => "get",
"save_profile" => "post",
"pass" => "post",
"name" => "post",
"logout" => "get",
"page" => "get"
);
foreach ($variableList as $key => $value)
{
${"_" . $value . ucfirst(clean($key))} = false;
$smarty->assign("_$value" . ucfirst(clean($key)), false);
}
foreach ($_GET as $key => $value)
{
${"_get" . ucfirst(clean($key))} = clean($value);
$smarty->assign("_get" . ucfirst(clean($key)), ${"_get" . ucfirst(clean($key))});
}
foreach ($_POST as $key => $value)
{
${"_post" . ucfirst(clean($key))} = clean($value);
$smarty->assign("_post" . ucfirst(clean($key)), ${"_post" . ucfirst(clean($key))});
}
Do you have any suggestions?
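
An added example, not part of the original post: one way to collect the same parameters driven only by the declared `$variableList`, so that request keys never become variable names and no database function runs while input is being read. `collect_params()` is a hypothetical helper and the sample request arrays are constructed data; escaping is assumed to happen later, at the point of use.

```php
<?php
// Added example: collect_params() is a hypothetical helper, not the poster's code.

/**
 * Return one entry per declared parameter, keyed like the original
 * variables ("_getAction", "_postName", ...). Anything missing or
 * malformed becomes false; undeclared request keys are ignored.
 */
function collect_params(array $variableList, array $get, array $post): array
{
    $sources = ['get' => $get, 'post' => $post];
    $params = [];
    foreach ($variableList as $name => $method) {
        $value = $sources[$method][$name] ?? false;
        // Reject arrays (?page[]=1), NUL bytes and invalid UTF-8.
        if (!is_string($value)
            || strpos($value, "\0") !== false
            || preg_match('//u', $value) !== 1) {
            $value = false;
        }
        // No escaping here: SQL values go through prepared statements,
        // HTML output is escaped in the template (assumption of this example).
        $params['_' . $method . ucfirst($name)] = $value;
    }
    return $params;
}

// Same declaration as in the post.
$variableList = [
    "action" => "get", "site" => "get", "lng" => "get",
    "save_profile" => "post", "pass" => "post", "name" => "post",
    "logout" => "get", "page" => "get",
];

// Constructed sample request: one valid value, one array value,
// one undeclared key, and a name containing a quote.
$sampleGet  = ['action' => 'show', 'page' => ['1'], 'debug' => '1'];
$samplePost = ['name' => "O'Brien"];

$params = collect_params($variableList, $sampleGet, $samplePost);

// Each pair would be handed to the template, e.g. $smarty->assign($key, $value).
foreach ($params as $key => $value) {
    echo $key, ' => ', var_export($value, true), PHP_EOL;
}
```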