1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61: 62: 63: 64: 65: 66: 67: 68: 69: 70: 71: 72: 73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 93: 94: 95: 96: 97: 98: 99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205:
<?php
class PHPShopSecurity {
static function true_param() {
$Arg = func_get_args();
foreach ($Arg as $val) {
if (empty($val))
return false;
}
return true;
}
static function getExt($sFileName) {
$sTmp = $sFileName;
while ($sTmp != "") {
$sTmp = strstr($sTmp, ".");
if ($sTmp != "") {
$sTmp = substr($sTmp, 1);
$sExt = $sTmp;
}
}
$pos = stristr($sFileName, ".php");
if ($pos === false)
return strtolower($sExt);
}
static function CleanStr($str) {
$str = str_replace("\/", "|", $str);
$str = str_replace("\\", "|", $str);
return str_replace("'", "", $str);
}
static function CleanOut($str) {
$str = stripslashes($str);
$str = preg_replace('([\r\n\t;])', '', $str);
$str = @html_entity_decode($str, null, 'windows-1251');
return $str;
}
static function true_email($email) {
if (strlen($email) > 100)
return FALSE;
return preg_match("/^([a-z0-9_\.-]+@[a-z0-9_\.\-]+\.[a-z0-9_-]{2,8})$/i", trim($email));
}
static function true_login($login) {
return preg_match("/^[@a-zA-Z0-9_\.-]{2,60}$/", trim($login));
}
static function true_skin($skin) {
return preg_match("/^[a-zA-Z0-9\-_\.\/]{2,30}$/", trim($skin));
}
static function true_order($num) {
return preg_match("/^[0-9-]{4,20}$/", $num);
}
static function true_num($num) {
return preg_match("/^[0-9]{1,20}$/", $num);
}
static function true_tel($num) {
return preg_match("/^[0-9-() +]{10,25}$/", $num);
}
static function true_passw($passw) {
return preg_match("/^[a-zA-Z0-9_]{4,20}$/", trim($passw));
}
static function TotalClean($str, $flag = 2) {
switch ($flag) {
case 1:
if (!preg_match("/([0-9])/", $str))
$str = "0";
return abs($str);
break;
case 2:
return htmlspecialchars(stripslashes($str), ENT_QUOTES, 'windows-1251');
break;
case 3:
if (!preg_match("/^([a-z0-9_\.-]+@[a-z0-9_\.\-]+\.[a-z0-9_-]{2,6})$/i", $str))
$str = "";
return $str;
break;
case 4:
if (preg_match("/[^(\w)|(\x7F-\xFF)|(\s)]/", $str))
$str = "";
return htmlspecialchars(stripslashes($str), ENT_COMPAT, 'windows-1251');
break;
case 5:
if (preg_match("/[^(0-9)|(\-)|(\.]/", $str))
$str = 0;
return $str;
break;
}
}
static function true_search($search, $option = false) {
$count = strlen($search);
$search = strtolower($search);
$i = 0;
while ($i < ($count / 7)) {
$search = str_replace("'", "", $search);
$search = str_replace("\\", "", $search);
$search = str_replace("union", "", $search);
$search = str_replace("select", "", $search);
$search = str_replace("insert", "", $search);
$search = str_replace("delete", "", $search);
if (empty($option)) {
$search = str_replace(")", "", $search);
$search = str_replace("(", "", $search);
}
$i++;
}
if (!empty($search))
return trim($search);
}
}
?>