哪些字符被认为是安全的？ [英] What chars are considered safe?

查看：135 发布时间：2019/6/6 13:08:31 php

本文介绍了哪些字符被认为是安全的？的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在为一些用户输入编写一个消毒路线。数据是产品的英文文字描述，然后进入数据库，然后返回给其他用户的浏览器。
br />
按照惯例，我的工作基础是留下我认为安全的所有

字符并剥离其他所有字符。这个

让我想到了哪些角色实际上是安全的，因为用户

希望能够使用至少基本的标点，货币符号

等等。避免<和>看起来显而易见，但大多数其他东西都有一个

使用我认为。

我现在的行看起来像这样：

$ data = preg_replace（''/ [||\\\\\\\\\\\\\\\\\\\\\\\ ''，""，$ data）;

（请注意，这些是*不*要替换的字符列表。）是否有任何

这些危险吗？或者我遗漏了一些无害的东西，应该在

那里？

-

用于的电子邮件地址帖子是垃圾邮件坑。请通过
http://www.derekfountain.org 与我联系：< a

href =" http：//www.derekfountain.org/"> Derek Fountain< / a>

I was just writing a sanitisation route for a bit of user input. The data is
an English text description of a product, and will go into a DB, then back
out to other user''s browsers.

As per normal practise, I was working on the basis of leaving in all
characters that I considered safe and stripping out everything else. This
led me to think of what characters are actually safe, given that the user
will want to be able to use at least basic punctuation, currency symbols
and so on. Avoiding < and > seemed obvious, but most other things have a
use I think.

My current line looks like this:

$data = preg_replace( ''/[^\s\w\d@"\''()[]{}:#~!$%&*_-+.,]/'', "", $data );

(Note that''s a list of chars that are *not* to be replaced.) Are any of
these dangerous? Or have I left out some that are harmless and should be in
there?

--
The email address used to post is a spam pit. Contact me at
http://www.derekfountain.org : <a
href="http://www.derekfountain.org/">Derek Fountain</a>

哪些字符被认为是安全的？ [英] What chars are considered safe?

问题描述

推荐答案

相关文章

PHP最新文章

热门教程

热门工具

登录关闭

哪些字符被认为是安全的？ [英] What chars are considered safe?

问题描述

推荐答案

相关文章

PHP最新文章

热门教程

热门工具

登录 关闭

登录关闭