PHP WAF：加固 SQL 注入和 XSS 注入防护，代码如下：
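<?php
# This PHP page provides the "safe" (filtered) copies of the request values.
#
# waf is a small request-level filter. On construction it copies the PHP
# superglobals into $this->input; the public methods then URL-decode that copy
# (replace_waf), reject requests whose values contain a blacklisted keyword
# (import_waf) or use an unexpected method/protocol (limit_method), and
# HTML-escape the copy (parse_url). A rejected request is logged and the
# script is terminated.
#
# Limits a deployer should know:
#  - Every filter operates on the COPY in $this->input. $_GET/$_POST/... are
#    never written back, so application code that keeps reading the
#    superglobals still sees the raw values.
#  - The blacklist is case-insensitive substring matching; short entries such
#    as "or", "and", "if", "sub", "hex", "into" fire on ordinary words
#    ("information", "android", ...). Treat it as defence in depth, not as a
#    replacement for prepared statements and context-aware output escaping.
class waf
{
    private $input;
    private $pattern;
    private $log_path;

    function __construct()
    {
        session_start();
        date_default_timezone_set('PRC');   // time zone used for the log timestamp
        // Log file path, relative to the working directory. When that is the
        // document root the log itself becomes web-readable; restrict it in
        // the web server configuration or move it outside the web root.
        $this->log_path = "./waf.log";
        $this->input = array();
        $this->input["GET"] = $_GET;
        $this->input["POST"] = $_POST;
        $this->input["SERVER"] = $_SERVER;
        $this->input["COOKIE"] = $_COOKIE;
        $this->input["SESSION"] = $_SESSION;
        $this->input["FILES"] = $_FILES;
        $this->input["ENV"] = $_ENV;
    }

    // Collapse "%25" (an encoded "%") until none is left, so that a
    // multiply-encoded value cannot hide a blacklisted keyword.
    // The original recursed through a bare filter_0x25() call, which does not
    // exist at global scope and fataled on the first "%25"; a loop avoids
    // that. Each pass shortens the string, so the loop terminates.
    // Non-string values are returned unchanged.
    private function filter_0x25($str)
    {
        if (!is_string($str)) {
            return $str;
        }
        while (strpos($str, "%25") !== false) {
            $str = str_replace("%25", "%", $str);
        }
        return $str;
    }

    // Flatten a value to a single line of printable text for the log.
    // Arrays are rendered with print_r; control characters (CR/LF included)
    // are replaced by a space so that a crafted value cannot forge log lines.
    private function clean_log_field($value)
    {
        $text = is_scalar($value) ? (string) $value : print_r($value, true);
        return preg_replace('/[\x00-\x1f\x7f]+/', ' ', $text);
    }

    // Record a blocked request in the log and stop the script.
    //
    // $word   the offending value (a string, or an array for nested input)
    // $method 2 = dangerous method/protocol; anything else (default 1) is
    //         logged as dangerous characters
    //
    // IP, path and $word are all attacker-influenced, so they pass through
    // clean_log_field() before being written.
    private function get_visitor($word, $method = 1)
    {
        $server = $this->input["SERVER"];
        $ip = $this->clean_log_field(isset($server["REMOTE_ADDR"]) ? $server["REMOTE_ADDR"] : "-");
        $visitor_path = $this->clean_log_field(isset($server["REQUEST_URI"]) ? $server["REQUEST_URI"] : "-");
        $word = $this->clean_log_field($word);
        $date_time = isset($server["REQUEST_TIME"]) ? $server["REQUEST_TIME"] : time();
        $date_time = date("Y-m-d H:i", $date_time);
        if ($method == 2) {
            $questesion = "$ip 使用危险方法/协议 $word 在 $date_time 访问网站 $visitor_path\r\n\r\n";
        } else {
            $questesion = "$ip 使用危险字符 $word 在 $date_time 访问网站 $visitor_path\r\n\r\n";
        }
        // FILE_APPEND creates the file when it is missing, so the former
        // fopen()/fclose() pre-creation step is not needed.
        file_put_contents($this->log_path, $questesion, FILE_APPEND | LOCK_EX);
        die("the website has been attack!");
    }

    // Collapse "%25", HTML-escape and backslash-escape one value.
    // addslashes() is retained from the original for compatibility, but it is
    // not an SQL escaping mechanism; database access must use prepared
    // statements. htmlspecialchars() output is only correct in an HTML
    // body/attribute context (not in JavaScript, URLs or CSS).
    private function escape_value($value)
    {
        return addslashes(htmlspecialchars($this->filter_0x25($value)));
    }

    // Escape the request URI and every GET/POST value held in $this->input.
    // Nested (array) values are rejected via get_visitor(), consistent with
    // replace_waf() and import_waf(); previously they reached
    // htmlspecialchars() and raised a TypeError.
    function parse_url()
    {
        $url = isset($this->input["SERVER"]["REQUEST_URI"]) ? $this->input["SERVER"]["REQUEST_URI"] : "";
        $this->input["SERVER"]["REQUEST_URI"] = $this->escape_value($url);
        foreach (array("POST", "GET") as $source) {
            foreach ($this->input[$source] as $key => $value) {
                if (is_array($value)) {
                    $this->get_visitor($value);
                }
                $this->input[$source][$key] = $this->escape_value($value);
            }
        }
    }

    // Reject any request that is not GET or POST over HTTP/1.0 or HTTP/1.1.
    // Both conditions must hold: the original wrote the two checks into the
    // same flag one after the other, so the protocol check overwrote the
    // method check and e.g. PUT over HTTP/1.1 was accepted.
    // Note that HTTP/2 requests report SERVER_PROTOCOL "HTTP/2.0" and are
    // therefore rejected by this rule.
    function limit_method()
    {
        $server = $this->input["SERVER"];
        $method = isset($server["REQUEST_METHOD"]) ? $server["REQUEST_METHOD"] : "";
        $protocol = isset($server["SERVER_PROTOCOL"]) ? $server["SERVER_PROTOCOL"] : "";
        $method_ok = in_array($method, array("GET", "POST"), true);
        $protocol_ok = in_array($protocol, array("HTTP/1.1", "HTTP/1.0"), true);
        if (!($method_ok && $protocol_ok)) {
            $this->get_visitor($method . "/" . $protocol, 2);
        }
    }

    // URL-decode every value in the copy once more. PHP already decoded
    // $_GET/$_POST once, so this second pass exposes double-encoded payloads
    // to import_waf(). Nested arrays are rejected outright; since every
    // $_FILES entry is an array, a request carrying a file upload is blocked
    // here.
    function replace_waf()
    {
        foreach ($this->input as $source => $values) {
            foreach ($values as $k => $v) {
                if (is_array($v)) {
                    $this->get_visitor($v);
                }
                $this->input[$source][$k] = urldecode($v);
            }
        }
    }

    // Block the request when any GET/POST/COOKIE/SESSION/FILES/ENV value
    // contains a blacklisted keyword; SERVER is not scanned.
    // The keyword list is kept as in the original (duplicates and the
    // "popepassthru" entry included; "popen" and "passthru" are matched by
    // their own entries). All entries are compiled into one case-insensitive
    // alternation, which is equivalent to testing each entry in turn.
    function import_waf()
    {
        $this->pattern = "select|insert|update|delete|union|load_file|outfile|dumpfile|sub|hex|drop|";
        $this->pattern .= "file_put_contents|fwrite|curl|system|eval|assert|flag|system|into|wget";
        $this->pattern .= "|`|openlog|syslog|readlink|symlink|popepassthru|stream_socket_server|assert|pcntl_exec|or";
        $this->pattern .= "|passthru|exec|system|chroot|scandir|chgrp|chown|shell_exec|proc_open|proc_get_status|popen|ini_alter|ini_restore|if|then|and";
        $array_pattern = explode("|", $this->pattern);
        // preg_quote() keeps every entry literal (none contains regex
        // metacharacters today, but the list is easy to extend).
        $quoted = array_map(function ($entry) {
            return preg_quote($entry, "/");
        }, $array_pattern);
        $regex = "/" . implode("|", $quoted) . "/i";
        foreach ($this->input as $source => $values) {
            if ($source === "SERVER") {
                continue;
            }
            foreach ($values as $k => $v) {
                // The array check used to sit inside the per-pattern loop and
                // the loop variable shadowed $source; both are fixed here.
                if (is_array($v)) {
                    $this->get_visitor($v);
                }
                if (preg_match($regex, $v) === 1) {
                    $this->get_visitor($v);
                }
            }
        }
    }
}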
</div><div>
// Instantiate the filter and run each stage in turn:
// decode, keyword blacklist, method/protocol check, escaping.
$a = new waf();
foreach (array('replace_waf', 'import_waf', 'limit_method', 'parse_url') as $stage) {
    $a->$stage();
}