12-28 3,164 views
1、格式化打印函数
function p($var)
{
if (is_bool($var)) {
var_dump($var);
} else if (is_null($var)) {
var_dump(NULL);
} else {
echo "<pre style='position:relative;z-index:1000;padding:10px;border-radius:5px;background:#F5F5F5;border:1px solid #aaa;font-size:14px;line-height:18px;opacity:0.9;'>" . print_r($var, true) . "</pre>";
}
}
2.人性化时间
function fn_formatdate($time){
$rtime = date("Y-m-d H:i",$time);
$htime = date("H:i",$time);
$time = time() - $time;
if ($time < 60){
$formatime = '刚才';
}elseif($time < 60 * 60){
$min = floor($time/60);
$formatime = $min.'分钟前';
}elseif($time < 60 * 60 * 24){
$h = floor($time/(60*60));
$formatime = $h.'小时前';
}elseif($time < 60 * 60 * 24 * 3){
$d = floor($time/(60*60*24));
if($d==1){
$formatime = '昨天 '.$htime;
}else{
$formatime = '前天 '.$htime;
}
}else{
$formatime = $rtime;
}
return $formatime;
}
3.curl 远程post
function fn_curl_post($uri,$data){
// 参数数组
$ch = curl_init ();
// print_r($ch);
curl_setopt ( $ch, CURLOPT_URL, $uri );
curl_setopt ( $ch, CURLOPT_POST, 1 );
curl_setopt ( $ch, CURLOPT_HEADER, 0 );
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, 1 );
curl_setopt ( $ch, CURLOPT_POSTFIELDS, $data );
$return = curl_exec ( $ch );
curl_close ( $ch );
return $return;
}
4.特殊字符过滤
function format_str1($str){
$str = str_replace("\r\n","",$str);
$str = str_replace("\n","",$str);
$str = str_replace("\r","",$str);
$str = str_replace("'","'",$str);
$str = str_replace("\"","б▒",$str);
$str = str_replace("<","г╝",$str);
$str = str_replace(">","г╛",$str);
$str = str_replace("php","",$str);
//$str = str_replace("?","г┐",$str);
$str = str_replace("eval","",$str);
$str = str_replace("%","ге",$str);
$str = str_replace("$","",$str);
$str = str_replace("script"," ",$str);
//$str = str_replace("="," ",$str);
$str = str_replace("and"," ",$str);
$str = str_replace("select"," ",$str);
$str = str_replace("delete"," ",$str);
$str = str_replace("update"," ",$str);
return $str;
}
5.获取用户真实 IP
function getIP(){
static $realip;
if (isset($_SERVER)){
if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])){
$realip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} else if (isset($_SERVER["HTTP_CLIENT_IP"])) {
$realip = $_SERVER["HTTP_CLIENT_IP"];
} else {
$realip = $_SERVER["REMOTE_ADDR"];
}
} else {
if (getenv("HTTP_X_FORWARDED_FOR")){
$realip = getenv("HTTP_X_FORWARDED_FOR");
} else if (getenv("HTTP_CLIENT_IP")) {
$realip = getenv("HTTP_CLIENT_IP");
} else {
$realip = getenv("REMOTE_ADDR");
}
}
return $realip;
}
6.检查用户名的合法性
function CheckUserID($uid, $msgtitle='用户名'){
//系统字符限制
$cfg_mb_notallow = 'www,bbs,ftp,mail,user,users,admin,administrator';
$nas = explode(',', $cfg_mb_notallow);
if(in_array($uid, $nas))
{
return $msgtitle.'为系统禁止的标识!';
}
$ck_uid = $uid;
for($i=0; isset($ck_uid[$i]); $i++){
if(ord($ck_uid[$i]) > 0x80){
if(isset($ck_uid[$i+1]) && ord($ck_uid[$i+1])>0x40){
$i++;
}else{
return $msgtitle.'可能含有乱码,建议你改用英文字母和数字组合!';
}
}else{
if(preg_match("/[^0-9a-z@\.-_]/i",$ck_uid[$i])){
return $msgtitle.'不能含有 [@]、[.]、[-]以外的特殊符号!';
}
}
}
return 'ok';
}
7.sql注入
//sql注入
function inject_check($sql_str) {
return eregi('select|insert|and|or|update|delete|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file|outfile', $sql_str);
}
//sql注入
function verify_id($id=null) {
if(!$id) {
exit('没有提交参数!');
} elseif(inject_check($id)) {
exit('提交的参数非法!');
} elseif(!is_numeric($id)) {
exit('提交的参数非法!');
}
$id = intval($id);
return $id;
}
//替换(移除)sql接受参数的特殊字符
function removeSQL($val){
$val=mysql_escape_string(trim($val));
$arr=array("'",";","=","*","delete","alter","select","and ","or ","update","unique","show","set ");
foreach ($arr as $v) {
$val=str_ireplace($v,"",$val);
}
return $val;
}