我编写了这个函数来清理和转换传入的 GET POST 参数。清洁功能包含:
if (get_magic_quotes_gpc())
{
$str = stripslashes($str);
}
$str = mysql_real_escape_string($str);
$search = array('"', "\"", "'", "\'", "\\", "", ")", "$", "}","{", "`", "´");
$str = str_replace($search, "",$str);
问题是:虽然没有 GET POST 参数,但在具有 4 GB 内存的 Dualcore 1.6GHz 笔记本上需要 1.0108 秒。
//this to avoid undefined variables
$variableList = array(
"action" => "get",
"site" => "get",
"lng" => "get",
"save_profile" => "post",
"pass" => "post",
"name" => "post",
"logout" => "get",
"page" => "get"
);
foreach ($variableList as $key => $value)
{
${"_" . $value . ucfirst(clean($key))} = false;
$smarty->assign("_$value" . ucfirst(clean($key)), false);
}
foreach ($_GET as $key => $value)
{
${"_get" . ucfirst(clean($key))} = clean($value);
$smarty->assign("_get" . ucfirst(clean($key)), ${"_get" . ucfirst(clean($key))});
}
foreach ($_POST as $key => $value)
{
${"_post" . ucfirst(clean($key))} = clean($value);
$smarty->assign("_post" . ucfirst(clean($key)), ${"_post" . ucfirst(clean($key))});
}
那你有什么建议吗?