{"id":3069,"date":"2025-03-21T00:09:49","date_gmt":"2025-03-20T16:09:49","guid":{"rendered":"https:\/\/www.laixuexila.com\/?p=3069"},"modified":"2025-03-21T00:09:49","modified_gmt":"2025-03-20T16:09:49","slug":"php-%e8%bf%87%e6%bb%a4%e5%99%a8%ef%bc%88filters%ef%bc%89%e5%ae%8c%e6%95%b4%e6%8c%87%e5%8d%97","status":"publish","type":"post","link":"https:\/\/www.laixuexila.com\/index.php\/2025\/03\/21\/php-%e8%bf%87%e6%bb%a4%e5%99%a8%ef%bc%88filters%ef%bc%89%e5%ae%8c%e6%95%b4%e6%8c%87%e5%8d%97\/","title":{"rendered":"PHP \u8fc7\u6ee4\u5668\uff08Filters\uff09\u5b8c\u6574\u6307\u5357"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\"><strong>1. \u4ec0\u4e48\u662f PHP \u8fc7\u6ee4\u5668\uff1f<\/strong><\/h2>\n\n\n\n<p>PHP \u8fc7\u6ee4\u5668\uff08Filters\uff09\u7528\u4e8e <strong>\u9a8c\u8bc1<\/strong> \u548c <strong>\u6e05\u7406<\/strong> \u6570\u636e\uff0c\u4e3b\u8981\u7528\u4e8e\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u8fc7\u6ee4 <strong>\u7528\u6237\u8f93\u5165\u6570\u636e<\/strong>\uff08\u5982 <code>$_GET<\/code>\u3001<code>$_POST<\/code>\uff09<\/li>\n\n\n\n<li>\u8fc7\u6ee4 <strong>\u8868\u5355\u6570\u636e<\/strong><\/li>\n\n\n\n<li>\u5904\u7406 <strong>API \u8bf7\u6c42\u53c2\u6570<\/strong><\/li>\n\n\n\n<li>\u8fc7\u6ee4 <strong>\u6570\u636e\u5e93\u8f93\u5165<\/strong><\/li>\n\n\n\n<li>\u8fc7\u6ee4 <strong>\u6587\u4ef6\u4e0a\u4f20<\/strong><\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>2. <code>filter_var()<\/code> &#8211; \u8fc7\u6ee4\u5355\u4e2a\u53d8\u91cf<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u8bed\u6cd5<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>filter_var(\u53d8\u91cf, \u8fc7\u6ee4\u5668, \u9009\u9879);<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u793a\u4f8b<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>$email = \"test@example.com\";\nif (filter_var($email, FILTER_VALIDATE_EMAIL)) {\n    echo \"\u6709\u6548\u7684 Email \u5730\u5740\";\n} else {\n    echo \"\u65e0\u6548\u7684 Email \u5730\u5740\";\n}<\/code><\/pre>\n\n\n\n<p>\ud83d\udccc <code>FILTER_VALIDATE_EMAIL<\/code> \u7528\u4e8e <strong>\u9a8c\u8bc1<\/strong> Email \u683c\u5f0f\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>3. <code>filter_input()<\/code> &#8211; \u8fc7\u6ee4\u5168\u5c40\u53d8\u91cf<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u8bed\u6cd5<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>filter_input(\u7c7b\u578b, \u53d8\u91cf\u540d, \u8fc7\u6ee4\u5668, \u9009\u9879);<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>\u7c7b\u578b<\/code>\uff1a<\/li>\n\n\n\n<li><code>INPUT_GET<\/code><\/li>\n\n\n\n<li><code>INPUT_POST<\/code><\/li>\n\n\n\n<li><code>INPUT_COOKIE<\/code><\/li>\n\n\n\n<li><code>INPUT_SERVER<\/code><\/li>\n\n\n\n<li><code>INPUT_ENV<\/code><\/li>\n\n\n\n<li><code>\u53d8\u91cf\u540d<\/code>\uff1a\u8981\u68c0\u67e5\u7684\u53d8\u91cf\uff08\u5982 <code>\"email\"<\/code>\uff09<\/li>\n\n\n\n<li><code>\u8fc7\u6ee4\u5668<\/code>\uff1a\u9a8c\u8bc1\u6216\u6e05\u7406\u6570\u636e<\/li>\n\n\n\n<li><code>\u9009\u9879<\/code>\uff08\u53ef\u9009\uff09\uff1a\u989d\u5916\u7684\u9a8c\u8bc1\u89c4\u5219<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u793a\u4f8b<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>$email = filter_input(INPUT_GET, \"email\", FILTER_VALIDATE_EMAIL);\nif ($email) {\n    echo \"\u6709\u6548 Email\";\n} else {\n    echo \"\u65e0\u6548 Email\";\n}<\/code><\/pre>\n\n\n\n<p>\ud83d\udccc \u4ece <code>$_GET['email']<\/code> \u8bfb\u53d6\u6570\u636e\uff0c\u5e76\u8fdb\u884c <strong>Email \u9a8c\u8bc1<\/strong>\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>4. \u8fc7\u6ee4\u5668\u7c7b\u578b<\/strong><\/h2>\n\n\n\n<p>PHP \u63d0\u4f9b\u4e86 <strong>\u4e24\u5927\u7c7b<\/strong> \u8fc7\u6ee4\u5668\uff1a<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>\u9a8c\u8bc1\u8fc7\u6ee4\u5668<\/strong>\uff08Validation\uff09\u2705\uff1a\u7528\u4e8e <strong>\u68c0\u67e5<\/strong> \u6570\u636e\u662f\u5426\u7b26\u5408\u683c\u5f0f<\/li>\n\n\n\n<li><strong>\u6e05\u7406\u8fc7\u6ee4\u5668<\/strong>\uff08Sanitization\uff09\ud83e\uddfc\uff1a\u7528\u4e8e <strong>\u5220\u9664<\/strong> \u4e0d\u9700\u8981\u7684\u5b57\u7b26<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>5. \u9a8c\u8bc1\u8fc7\u6ee4\u5668<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u5e38\u89c1 <code>FILTER_VALIDATE_*<\/code> \u8fc7\u6ee4\u5668<\/strong><\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u8fc7\u6ee4\u5668<\/th><th>\u4f5c\u7528<\/th><th>\u793a\u4f8b<\/th><\/tr><\/thead><tbody><tr><td><code>FILTER_VALIDATE_INT<\/code><\/td><td>\u9a8c\u8bc1\u6574\u6570<\/td><td><code>123<\/code> \u2705, <code>\"abc\"<\/code> \u274c<\/td><\/tr><tr><td><code>FILTER_VALIDATE_FLOAT<\/code><\/td><td>\u9a8c\u8bc1\u6d6e\u70b9\u6570<\/td><td><code>3.14<\/code> \u2705, <code>\"test\"<\/code> \u274c<\/td><\/tr><tr><td><code>FILTER_VALIDATE_BOOLEAN<\/code><\/td><td>\u9a8c\u8bc1\u5e03\u5c14\u503c<\/td><td><code>true, false, 1, 0, \"yes\"<\/code> \u2705<\/td><\/tr><tr><td><code>FILTER_VALIDATE_EMAIL<\/code><\/td><td>\u9a8c\u8bc1 Email<\/td><td><code>\"test@example.com\"<\/code> \u2705<\/td><\/tr><tr><td><code>FILTER_VALIDATE_URL<\/code><\/td><td>\u9a8c\u8bc1 URL<\/td><td><code>\"https:\/\/www.example.com\"<\/code> \u2705<\/td><\/tr><tr><td><code>FILTER_VALIDATE_IP<\/code><\/td><td>\u9a8c\u8bc1 IP \u5730\u5740<\/td><td><code>\"192.168.1.1\"<\/code> \u2705<\/td><\/tr><tr><td><code>FILTER_VALIDATE_MAC<\/code><\/td><td>\u9a8c\u8bc1 MAC \u5730\u5740<\/td><td><code>\"00:1A:2B:3C:4D:5E\"<\/code> \u2705<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u793a\u4f8b<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>$int = \"100\";\nif (filter_var($int, FILTER_VALIDATE_INT)) {\n    echo \"\u6709\u6548\u6574\u6570\";\n} else {\n    echo \"\u65e0\u6548\u6574\u6570\";\n}<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>6. \u6e05\u7406\u8fc7\u6ee4\u5668<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u5e38\u89c1 <code>FILTER_SANITIZE_*<\/code> \u8fc7\u6ee4\u5668<\/strong><\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u8fc7\u6ee4\u5668<\/th><th>\u4f5c\u7528<\/th><th>\u793a\u4f8b<\/th><\/tr><\/thead><tbody><tr><td><code>FILTER_SANITIZE_STRING<\/code><\/td><td>\u79fb\u9664 HTML \u6807\u7b7e<\/td><td><code>\"Hello &lt;b&gt;World&lt;\/b&gt;\" \u2192 \"Hello World\"<\/code><\/td><\/tr><tr><td><code>FILTER_SANITIZE_EMAIL<\/code><\/td><td>\u79fb\u9664\u975e\u6cd5 Email \u5b57\u7b26<\/td><td><code>\"test @ example.com\" \u2192 \"test@example.com\"<\/code><\/td><\/tr><tr><td><code>FILTER_SANITIZE_URL<\/code><\/td><td>\u79fb\u9664\u975e\u6cd5 URL \u5b57\u7b26<\/td><td><code>\"http:\/\/ example.com\"<\/code><\/td><\/tr><tr><td><code>FILTER_SANITIZE_NUMBER_INT<\/code><\/td><td>\u8fc7\u6ee4\u6574\u6570\uff08\u4fdd\u7559\u6570\u5b57+<code>-<\/code>\uff09<\/td><td><code>\"123abc\"<\/code> \u2192 <code>\"123\"<\/code><\/td><\/tr><tr><td><code>FILTER_SANITIZE_NUMBER_FLOAT<\/code><\/td><td>\u8fc7\u6ee4\u6d6e\u70b9\u6570\uff08\u652f\u6301\u5c0f\u6570\u70b9\uff09<\/td><td><code>\"3.14abc\"<\/code> \u2192 <code>\"3.14\"<\/code><\/td><\/tr><tr><td><code>FILTER_SANITIZE_SPECIAL_CHARS<\/code><\/td><td>HTML \u5b9e\u4f53\u7f16\u7801<\/td><td><code>\"&lt;script&gt;\" \u2192 \"&amp;lt;script&amp;gt;\"<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u793a\u4f8b<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>$dirty_string = \"&lt;h1&gt;Hello&lt;\/h1&gt;\";\n$clean_string = filter_var($dirty_string, FILTER_SANITIZE_STRING);\necho $clean_string; \/\/ \u8f93\u51fa \"Hello\"<\/code><\/pre>\n\n\n\n<p>\ud83d\udccc <code>FILTER_SANITIZE_STRING<\/code> \u79fb\u9664\u4e86 HTML \u6807\u7b7e\uff0c\u9632\u6b62 <strong>XSS \u653b\u51fb<\/strong>\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>7. \u9009\u9879\u548c\u6807\u5fd7<\/strong><\/h2>\n\n\n\n<p>PHP \u8fc7\u6ee4\u5668 <strong>\u652f\u6301\u81ea\u5b9a\u4e49\u9009\u9879<\/strong> \u4ee5\u66f4\u7cbe\u786e\u5730\u63a7\u5236\u6570\u636e\u683c\u5f0f\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u793a\u4f8b\uff1a\u8bbe\u7f6e\u6700\u5c0f\/\u6700\u5927\u6574\u6570\u8303\u56f4<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>$options = array(\n    \"options\" =&gt; array(\n        \"min_range\" =&gt; 1,\n        \"max_range\" =&gt; 100\n    )\n);\n$number = 50;\nif (filter_var($number, FILTER_VALIDATE_INT, $options)) {\n    echo \"\u6709\u6548\u6570\u5b57\";\n} else {\n    echo \"\u8d85\u51fa\u8303\u56f4\";\n}<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>8. \u8fc7\u6ee4\u591a\u4e2a\u8f93\u5165\u6570\u636e<\/strong><\/h2>\n\n\n\n<p>\u4f7f\u7528 <code>filter_input_array()<\/code> \u53ef\u4ee5\u4e00\u6b21\u6027\u8fc7\u6ee4\u591a\u4e2a\u6570\u636e\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u793a\u4f8b<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>$filters = array(\n    \"name\" =&gt; FILTER_SANITIZE_STRING,\n    \"email\" =&gt; FILTER_VALIDATE_EMAIL,\n    \"age\" =&gt; array(\n        \"filter\" =&gt; FILTER_VALIDATE_INT,\n        \"options\" =&gt; array(\"min_range\" =&gt; 18, \"max_range\" =&gt; 100)\n    )\n);\n$input = filter_input_array(INPUT_POST, $filters);\nif ($input&#91;\"email\"] &amp;&amp; $input&#91;\"age\"]) {\n    echo \"\u6570\u636e\u6709\u6548\";\n} else {\n    echo \"\u6570\u636e\u65e0\u6548\";\n}<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>9. \u7ed3\u5408 <code>htmlspecialchars()<\/code> \u9632\u6b62 XSS<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>$name = filter_input(INPUT_GET, \"name\", FILTER_SANITIZE_STRING);\necho htmlspecialchars($name, ENT_QUOTES, 'UTF-8');<\/code><\/pre>\n\n\n\n<p>\ud83d\udccc <strong>\u9632\u6b62 XSS<\/strong> \u653b\u51fb\uff0c\u786e\u4fdd\u7279\u6b8a\u5b57\u7b26\uff08<code>&lt; &gt; &amp; \" '<\/code>\uff09\u4e0d\u4f1a\u6267\u884c\u811a\u672c\u3002<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>10. \u7efc\u5408\u6848\u4f8b<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u8fc7\u6ee4\u548c\u9a8c\u8bc1\u7528\u6237\u6ce8\u518c\u4fe1\u606f<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>if ($_SERVER&#91;\"REQUEST_METHOD\"] == \"POST\") {\n    $username = filter_var($_POST&#91;\"username\"], FILTER_SANITIZE_STRING);\n    $email = filter_var($_POST&#91;\"email\"], FILTER_VALIDATE_EMAIL);\n    $age = filter_var($_POST&#91;\"age\"], FILTER_VALIDATE_INT, &#91;\n        \"options\" =&gt; &#91;\"min_range\" =&gt; 18, \"max_range\" =&gt; 100]\n    ]);\n\n    if ($username &amp;&amp; $email &amp;&amp; $age) {\n        echo \"\u6ce8\u518c\u6210\u529f\uff01\";\n    } else {\n        echo \"\u8f93\u5165\u65e0\u6548\uff0c\u8bf7\u68c0\u67e5\u6570\u636e\u683c\u5f0f\uff01\";\n    }\n}<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>11. \u8fc7\u6ee4\u5668\u6700\u4f73\u5b9e\u8df5<\/strong><\/h2>\n\n\n\n<p>\u2705 <strong>\u8868\u5355\u6570\u636e\u4e00\u5b9a\u8981\u8fc7\u6ee4<\/strong>\uff1a\u9632\u6b62 SQL \u6ce8\u5165 &amp; XSS \u653b\u51fb<br>\u2705 <strong>\u4f7f\u7528 <code>filter_var()<\/code> \u8fdb\u884c\u6570\u636e\u6e05\u7406<\/strong>\uff0c\u907f\u514d\u624b\u5199\u6b63\u5219<br>\u2705 <strong>\u5bf9\u4e8e URL\u3001Email\u3001IP \u5730\u5740\u7b49\u6570\u636e\u4f7f\u7528 <code>FILTER_VALIDATE_*<\/code><\/strong><br>\u2705 <strong>\u5bf9\u7528\u6237\u8f93\u5165\u7684\u5b57\u7b26\u4e32\u4f7f\u7528 <code>FILTER_SANITIZE_STRING<\/code><\/strong> \u8fc7\u6ee4\u7279\u6b8a\u5b57\u7b26<br>\u2705 <strong>\u7ed3\u5408 <code>htmlspecialchars()<\/code> \u786e\u4fdd\u524d\u7aef\u5b89\u5168<\/strong><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>\u603b\u7ed3<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u65b9\u6cd5<\/th><th>\u4f5c\u7528<\/th><\/tr><\/thead><tbody><tr><td><code>filter_var()<\/code><\/td><td>\u8fc7\u6ee4\u5355\u4e2a\u53d8\u91cf<\/td><\/tr><tr><td><code>filter_input()<\/code><\/td><td>\u8fc7\u6ee4 <code>$_GET<\/code> \/ <code>$_POST<\/code> \/ <code>$_COOKIE<\/code> \/ <code>$_SERVER<\/code><\/td><\/tr><tr><td><code>filter_input_array()<\/code><\/td><td>\u6279\u91cf\u8fc7\u6ee4<\/td><\/tr><tr><td><code>FILTER_VALIDATE_*<\/code><\/td><td>\u7528\u4e8e <strong>\u9a8c\u8bc1<\/strong> \u6570\u636e<\/td><\/tr><tr><td><code>FILTER_SANITIZE_*<\/code><\/td><td>\u7528\u4e8e <strong>\u6e05\u7406<\/strong> \u6570\u636e<\/td><\/tr><tr><td><code>htmlspecialchars()<\/code><\/td><td>\u9632\u6b62 XSS \u653b\u51fb<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>\u66f4\u591a\u8be6\u7ec6\u5185\u5bb9\u8bf7\u5173\u6ce8\u5176\u4ed6\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"<p>1. \u4ec0\u4e48\u662f PHP \u8fc7\u6ee4\u5668\uff1f PHP \u8fc7\u6ee4\u5668\uff08Filters\uff09\u7528\u4e8e \u9a8c\u8bc1 \u548c \u6e05\u7406 \u6570\u636e\uff0c\u4e3b\u8981\u7528\u4e8e\uff1a 2.  [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3070,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[80],"tags":[],"class_list":["post-3069","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-php"],"_links":{"self":[{"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/posts\/3069","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/comments?post=3069"}],"version-history":[{"count":1,"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/posts\/3069\/revisions"}],"predecessor-version":[{"id":3071,"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/posts\/3069\/revisions\/3071"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/media\/3070"}],"wp:attachment":[{"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/media?parent=3069"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/categories?post=3069"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.laixuexila.com\/index.php\/wp-json\/wp\/v2\/tags?post=3069"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}