-
Notifications
You must be signed in to change notification settings - Fork 10
/
security_filter.php
125 lines (117 loc) · 3.29 KB
/
security_filter.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<?php
/**
* 全局安全过滤函数
* 支持SQL注入和跨站脚本攻击
*/
function global_filter()
{
//APP,ACT 分别为控制器和控制器方法
$params = array(APP, ACT);
foreach($params as $k => $v)
{
if(!preg_match("/^[a-zA-Z0-9_-]+$/", $v))
{
header_status_404();
}
}
$arrStr = array('%0d%0a', "'", '<', '>', '$', 'script', 'document', 'eval','atestu','select','insert?into','delete?from');
global_inject_input($_SERVER['HTTP_REFERER'], $arrStr, true);
global_inject_input($_SERVER['HTTP_USER_AGENT'], $arrStr, true);
global_inject_input($_SERVER['HTTP_ACCEPT_LANGUAGE'], $arrStr, true);
global_inject_input($_GET, array_merge($arrStr, array('"')), true);
//global_inject_input($_COOKIE, array_merge($arrStr, array('"', '&')), true);
//cookie会有对url的记录(pGClX_last_url)。去掉对&的判断
global_inject_input($_COOKIE, array_merge($arrStr, array('"')), true);
global_inject_input($_SERVER, array('%0d%0a'), true);
//处理跨域POST提交问题
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
//处理客户端POST请求处理没有HTTP_REFERER参数问题
if(isset($_SERVER['HTTP_REFERER']))
{
$url = parse_url($_SERVER['HTTP_REFERER']);
$referer_host = !empty($url['port']) && $url['port'] != '80' ? $url['host'].':'.$url['port'] : $url['host'];
if($referer_host != $_SERVER['HTTP_HOST'])
{
header_status_404();
}
}
}
global_inject_input($_POST, array('%0d%0a'));
global_inject_input($_REQUEST, array('%0d%0a'));
}
/**
* 全局安全过滤函数
*/
function global_inject_input($string, $inject_string, $replace = false)
{
if(!is_array($string))
{
foreach($inject_string as $value)
{
if(stripos(strtolower($string), $value) !== false)
{
header_status_404();
}
}
if($replace)
{
return filter_var(safe_replace($string),FILTER_SANITIZE_STRING);
}
else
{
return $string;
}
}
foreach($string as $key => $val)
{
$string[$key] = global_inject_input($val, $inject_string, $replace);
}
return $string;
}
/**
* http 头信息
**/
function header_status_404($status = '404')
{
if(substr(php_sapi_name(), 0, 3) == 'cgi')
{
header('Status: '.$status, TRUE);
exit;
}
else
{
header($_SERVER['SERVER_PROTOCOL'].' '.$status);
$error_404 = "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n";
$error_404 .= "<html><head>\r\n";
$error_404 .= "<title>404 Not Found</title>\r\n";
$error_404 .= "</head><body>\r\n";
$error_404 .= "<h1>Object not found!</h1>\r\n";
$error_404 .= "<p>The requested URL was not found on this server!~</p>\r\n";
$error_404 .= "<h2>Error 404</h2></body></html>";
echo $error_404;
exit;
}
}
/**
* 安全过滤函数
*
* @param $string
* @return string
*/
function safe_replace($string)
{
$string = str_replace('%20', '', $string);
$string = str_replace('%27', '', $string);
$string = str_replace('%2527', '', $string);
$string = str_replace('*', '', $string);
$string = str_replace('"', '"', $string);
$string = str_replace("'", '', $string);
$string = str_replace('"', '', $string);
$string = str_replace(';', '', $string);
$string = str_replace('<', '<', $string);
$string = str_replace('>', '>', $string);
$string = str_replace("{", '', $string);
$string = str_replace('}', '', $string);
return $string;
}