这篇文章主要介绍了分享自定义的几个PHP功能函数,本文罗列的都是WEB开发中常用的一些功能函数,例如提交过滤、字符串截取、IP地址匿名化、隐藏文件真实路径等,需要的朋友可以参考下。

最近不是在折腾论坛嘛，各种类各种函数，原创一些，从别人那儿qiang过来一些，在此分享出来，希望有朋友能用的到~

注意：部分函数可能不够完善，由此造成的漏洞风险自担~

提交过滤

1. function filter($text)
2. {
3. //完全过滤注释
4. $text = preg_replace('/<!--?.*-->/', '', $text);
5. //完全过滤js
6. $text = preg_replace('/<script?.*\/script>/', '', $text);
7. //过滤危险的属性，如：过滤on事件lang js
8. while (preg_match('/(<[^><]+)( lang|action|background|codebase|dynsrc|lowsrc)[^><]+/i', $text, $mat)) {
9. $text = str_replace($mat[0], $mat[1], $text);
10. }
11. while (preg_match('/(<[^><]+)(window\.|javascript：|js:|about:|file:|document\.|vbs:|cookie)([^><]*)/i', $text, $mat)) {
12. $text = str_replace($mat[0], $mat[1] . $mat[3], $text);
13. }
14. //过滤多余html
15. $text = preg_replace('/<\/?(html|head|meta|link|base|basefont|body|bgsound|script|form|iframe|frame|frameset|applet|id|ilayer|layer|name|script|xml)[^><]*>/i', '', $text);
16. //反转换
17. $text = str_replace('[', '<', $text);
18. $text = str_replace(']', '>', $text);
19. $text = str_replace('|', '"', $text);
20. return $text;
21. }

提交过滤2

1. function stripslashes_array(&$array)
2. {
3. while (list($key, $var) = each($array)) {
4. if ($key != 'argc' && $key != 'argv' && (strtoupper($key) != $key || '' . intval($key) == "$key")) {
5. if (is_string($var)) {
6. $array[$key] = stripslashes($var);
7. }
8. if (is_array($var)) {
9. $array[$key] = stripslashes_array($var);
10. }
11. }
12. }
13. return $array;
14. }

字符串截取（这个是emlog里提出来的，其实也就是substr的增强版）

1. function subString($strings, $start, $length)
2. {
3. if (function_exists('mb_substr') && function_exists('mb_strlen')) {
4. $sub_str = mb_substr($strings, $start, $length, 'utf8');
5. return mb_strlen($sub_str, 'utf8') < mb_strlen($strings, 'utf8') ? $sub_str . '...' : $sub_str;
6. }
7. $str = substr($strings, $start, $length);
8. $char = 0;
9. for ($i = 0; $i < strlen($str); $i++) {
10. if (ord($str[$i]) >= 128)
11. $char++;
12. }
13. $str2 = substr($strings, $start, $length + 1);
14. $str3 = substr($strings, $start, $length + 2);
15. if ($char % 3 == 1) {
16. if ($length <= strlen($strings)) {
17. $str3 = $str3 .= '...';
18. }
19. return $str3;
20. }
21. if ($char % 3 == 2) {
22. if ($length <= strlen($strings)) {
23. $str2 = $str2 .= '...';
24. }
25. return $str2;
26. }
27. if ($char % 3 == 0) {
28. if ($length <= strlen($strings)) {
29. $str = $str .= '...';
30. }
31. return $str;
32. }
33. }

IP地址匿名化（最后一位替换为星号）

1. function AnonymousIP()
2. {
3. $ip = GetIP();
4. if ($ip == "Unknown") {
5. $removed_ip = "未知用户";
6. }
7. if (strpos($ip, ":")) {
8. $removed_ip = "IPv6用户";
9. } else {
10. $reg1 = '/((?:\d+\.){3})\d+/';
11. $reg2 = '~(\d+)\.(\d+)\.(\d+)\.(\d+)~';
12. $removed_ip = preg_replace($reg1, "\\1*", $ip);
13. }
14. return $removed_ip;
15. }

获取客户端IP地址

1. function GetIP()
2. {
3. if (@$_SERVER["HTTP_X_FORWARDED_FOR"])
4. $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
5. else if (@$_SERVER["HTTP_CLIENT_IP"])
6. $ip = $_SERVER["HTTP_CLIENT_IP"];
7. else if (@$_SERVER["REMOTE_ADDR"])
8. $ip = $_SERVER["REMOTE_ADDR"];
9. else if (@getenv("HTTP_X_FORWARDED_FOR"))
10. $ip = getenv("HTTP_X_FORWARDED_FOR");
11. else if (@getenv("HTTP_CLIENT_IP"))
12. $ip = getenv("HTTP_CLIENT_IP");
13. else if (@getenv("REMOTE_ADDR"))
14. $ip = getenv("REMOTE_ADDR");
15. else
16. $ip = "Unknown";
17. return $ip;
18. }

字符串加密（支持中文）

1. function dencrypt($string, $isEncrypt = true, $key = "youdian")
2. {
3. if (!isset($string{0}) || !isset($key{0})) {
4. return false;
5. }
6. $dynKey = $isEncrypt ? hash('sha1', microtime(true)) : substr($string, 0, 40);
7. $fixedKey = hash('sha1', $key);
8. $dynKeyPart1 = substr($dynKey, 0, 20);
9. $dynKeyPart2 = substr($dynKey, 20);
10. $fixedKeyPart1 = substr($fixedKey, 0, 20);
11. $fixedKeyPart2 = substr($fixedKey, 20);
12. $key = hash('sha1', $dynKeyPart1 . $fixedKeyPart1 . $dynKeyPart2 . $fixedKeyPart2);
13. $string = $isEncrypt ? $fixedKeyPart1 . $string . $dynKeyPart2 : (isset($string{339}) ? gzuncompress(base64_decode(substr($string, 40))) : base64_decode(substr($string, 40)));
14. $n = 0;
15. $result = '';
16. $len = strlen($string);
17. for ($n = 0; $n < $len; $n++) {
18. $result .= chr(ord($string{$n}) ^ ord($key{$n % 40}));
19. }
20. return $isEncrypt ? $dynKey . str_replace('=', '', base64_encode($n > 299 ? gzcompress($result) : $result)) : substr($result, 20, -20);
21. }

检查字符串是否包含中文

1. function CheckChinese($string)
2. {
3. if (preg_match("/[\x7f-\xff]/", $string)) {
4. return true;
5. } else {
6. return false;
7. }
8. }

隐藏文件真实路径

1. function FileHeaderJump($file)
2. {
3. header('Content-Description: File Transfer');
4. header('Content-Type: application/octet-stream');
5. header('Content-Disposition: attachment; filename=' . basename($file));
6. header('Content-Transfer-Encoding: binary');
7. header('Expires: 0');
8. header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
9. header('Pragma: public');
10. header('Content-Length: ' . filesize($file));
11. ob_clean();
12. flush();
13. readfile($file);
14. exit;
15. }

生成随机字符串，自定义长度

1. function CreateRandomString($length)
2. {
3. $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
4. $password = "";
5. for ($i = 0; $i < $length; $i++) {
6. $password .= $chars[mt_rand(0, strlen($chars) - 1)];
7. }
8. return $password;
9. }