1.使用htmlentities:
htmlentities($str, ENT_QUOTES,"UTF-8");
2.过滤特殊字符
preg_replace("/\"|'|\(|\)|<|>|CONTENT-TRANSFER-ENCODING/i"," ",$str);
xss过滤
猜你喜欢
转载自strayly.iteye.com/blog/2338632
今日推荐
周排行