הנה חלק מהדברים שאני משתמש יש כאן כמעט הכל, XSS, SQL INJ, ניקוי טקסט רגיל, אבטחת GET POST COOKIE REQUEST , בדיקת אימייל, ניקיון טקסט עם פסיקים, בדיקה לקוד לא חוקי כמו EXEC , פונקציות להמרה מ NL ל BR וההפך, מציאת דפדפן המשתמש ומערכת ההפעלה שלו, ועוד...
קוד PHP:
<?php
/**
 * Heuristic check for strings that look like executable PHP / shell code.
 *
 * This is a case-insensitive substring match: any occurrence of include,
 * require, include_once, require_once, exec, system, passthru or a backtick
 * anywhere in $text counts as a hit, so ordinary words such as "ecosystem"
 * trigger it as well. It is a coarse filter, not a parser.
 *
 * @param string $text Input string
 * @return bool TRUE when one of the markers is present, FALSE otherwise
 * @since 2.2.0
 */
function hax_check_for_executable_code( $text='' )
{
    $markers = "#include|require|include_once|require_once|exec|system|passthru|`#si";

    return preg_match( $markers, $text ) ? TRUE : FALSE;
}
/**
 * Check that a URL is an http(s) URL without obviously unsafe characters.
 *
 * The value is URL-decoded and trimmed first, so encoded characters are
 * inspected in their decoded form. It must start with http:// or https://
 * and the rest must contain none of < > * ". That rules out other schemes
 * (javascript:, data:, ...) and tag-breaking characters, but it is not a
 * full URL validation.
 *
 * @param string $url Input string
 * @return bool TRUE when the URL passes, FALSE otherwise
 * @since 2.1.0
 */
function xss_check_url( $url )
{
    $decoded = trim( urldecode( $url ) );
    $allowed = "#^https?://(?:[^<>*\"]+|[a-z0-9/\._\- !]+)$#iU";

    return preg_match( $allowed, $decoded ) ? TRUE : FALSE;
}
/**
 * Neutralise common script/CSS injection vectors in a block of HTML.
 *
 * Every step is a search-and-replace; nothing is parsed. In this listing
 * most replacement strings are byte-for-byte the same as the text they
 * match (e.g. "javascript" -> "javascript"), so those steps are no-ops as
 * printed. The upstream source most likely used HTML-entity-encoded
 * replacements that were decoded when this was posted -- compare against
 * the original before relying on this function.
 *
 * @param string $html Input HTML
 * @return string Filtered HTML
 */
function xss_html_clean( $html )
{
    // Collapse "< s c r i p t" / "< / s c r i p t" spellings (whitespace
    // between the letters, any case) onto a canonical "<script" / "</script".
    $html = preg_replace( "#<(\s+?)?s(\s+?)?c(\s+?)?r(\s+?)?i(\s+?)?p(\s+?)?t#is" , "<script" , $html );
    $html = preg_replace( "#<(\s+?)?/(\s+?)?s(\s+?)?c(\s+?)?r(\s+?)?i(\s+?)?p(\s+?)?t#is", "</script", $html );

    // Keywords used in script/CSS injection. As printed, each replacement
    // equals its match, so these lines currently change nothing.
    $html = preg_replace( "/javascript/i" , "javascript", $html );
    $html = preg_replace( "/alert/i" , "alert" , $html );
    $html = preg_replace( "/behavior/i" , "behavior" , $html );
    // "expression" with CSS comments (/* ... */) interleaved between letters.
    $html = preg_replace( "/e((\/\*.*?\*\/)*)x((\/\*.*?\*\/)*)p((\/\*.*?\*\/)*)r((\/\*.*?\*\/)*)e((\/\*.*?\*\/)*)s((\/\*.*?\*\/)*)s((\/\*.*?\*\/)*)i((\/\*.*?\*\/)*)o((\/\*.*?\*\/)*)n/i" , "expression" , $html );
    // "expression" / "moz-binding" with backslashes or ")" interleaved.
    // NOTE(review): as printed, the inner group "((\\\|\)*)" escapes its
    // closing parenthesis, which looks like an unbalanced pattern; if PCRE
    // rejects it, preg_replace() returns NULL and every later step then
    // works on an empty string. Confirm the escaping against the upstream
    // source -- it may have been altered when the code was posted.
    $html = preg_replace( "/e((\\\|\)*)x((\\\|\)*)p((\\\|\)*)r((\\\|\)*)e((\\\|\)*)s((\\\|\)*)s((\\\|\)*)i((\\\|\)*)o((\\\|\)*)n/i" , "expression" , $html );
    $html = preg_replace( "/m((\\\|\)*)o((\\\|\)*)z((\\\|\)*)\-((\\\|\)*)b((\\\|\)*)i((\\\|\)*)n((\\\|\)*)d((\\\|\)*)i((\\\|\)*)n((\\\|\)*)g/i" , "moz-binding" , $html );
    $html = preg_replace( "/about:/i" , "about:" , $html );
    $html = preg_replace( "/<body/i" , "<body" , $html );
    $html = preg_replace( "/<html/i" , "<html" , $html );
    $html = preg_replace( "/document\./i" , "document." , $html );
    $html = preg_replace( "/window\./i" , "window." , $html );

    // Attribute names that can carry inline handlers; each is matched as
    // "on<name>" (any case) below.
    $event_handlers = array( 'mouseover', 'mouseout', 'mouseup', 'mousemove', 'mousedown', 'mouseenter', 'mouseleave', 'mousewheel', 'contextmenu', 'click', 'dblclick', 'load', 'unload', 'submit', 'blur', 'focus', 'resize', 'scroll', 'change', 'reset', 'select', 'selectionchange', 'selectstart', 'start', 'stop', 'keydown', 'keyup', 'keypress', 'abort', 'error', 'dragdrop', 'move', 'moveend', 'movestart', 'activate', 'afterprint', 'afterupdate', 'beforeactivate', 'beforecopy', 'beforecut', 'beforedeactivate', 'beforeeditfocus', 'beforepaste', 'beforeprint', 'beforeunload', 'begin', 'bounce', 'cellchange', 'controlselect', 'copy', 'cut', 'paste', 'dataavailable', 'datasetchanged', 'datasetcomplete', 'deactivate', 'drag', 'dragend', 'dragleave', 'dragenter', 'dragover', 'drop', 'end', 'errorupdate', 'filterchange', 'finish', 'focusin', 'focusout', 'help', 'layoutcomplete', 'losecapture', 'mediacomplete', 'mediaerror', 'outofsync', 'pause', 'propertychange', 'progress', 'readystatechange', 'repeat', 'resizeend', 'resizestart', 'resume', 'reverse', 'rowsenter', 'rowexit', 'rowdelete', 'rowinserted', 'seek', 'syncrestored', 'timeerror', 'trackchange', 'urlflip', );

    // The replacement is "on" followed by the captured name, i.e. the match
    // itself -- as printed this is a no-op as well.
    $html = preg_replace( "/on(" . implode( '|', $event_handlers ) . ")/i", "on\\1" , $html );

    return $html;
}

/**
 * <br /> safe nl2br: every "\n" becomes "<br />". Unlike PHP's nl2br() the
 * newline is not kept, and "\r" is left untouched.
 *
 * @param string $t Input text
 * @return string Parsed text
 * @since 2.0
 */
function my_nl2br($t="")
{
    return str_replace( "\n", "<br />", $t );
}
/*-------------------------------------------------------------------------*/ // // Convert <br /> to newlines // /*-------------------------------------------------------------------------*/
/**
 * <br /> safe br2nl: turns "<br />" and then "<br>" into "\n".
 *
 * Each tag may be preceded and followed by one "\n" or "\r", which is
 * swallowed so the tag and its neighbouring line break collapse to a single
 * "\n". The two forms are handled in two passes, in that order.
 *
 * @param string $t Input text
 * @return string Parsed text
 * @since 2.0
 */
function my_br2nl($t="")
{
    // preg_replace() applies an array of patterns one after another,
    // exactly like two separate calls.
    $patterns = array(
        "#(?:\n|\r)?<br />(?:\n|\r)?#",
        "#(?:\n|\r)?<br>(?:\n|\r)?#",
    );

    return preg_replace( $patterns, "\n", $t );
}
/**
 * Clean and validate an e-mail address.
 *
 * Spaces are removed, then a set of characters that have no place in an
 * address (semicolon, #, newline/CR, asterisk, single and double quotes,
 * < > & % ! ( ) { } [ ] ?, backslash, slash and any whitespace) is stripped,
 * and the result must match a simple local@domain.tld shape. The TLD must
 * be 2-4 letters or 1-4 digits, so longer TLDs (e.g. .museum) are rejected.
 * The optional [ ] around the domain in the final pattern can never match,
 * because both characters were removed just before.
 *
 * @param string $email Email address
 * @return mixed The cleaned address, or FALSE when it contains more than
 *               one "@" or does not match the expected shape
 * @since 2.0
 */
function clean_email($email = "")
{
    $email = str_replace( " ", "", trim($email) );

    // More than one "@" cannot be a single address.
    if ( substr_count( $email, '@' ) > 1 )
    {
        return FALSE;
    }

    $email = preg_replace( "#[\;\#\n\r\*\'\"<>&\%\!\(\)\{\}\[\]\?\\/\s]#", "", $email );

    $shape = "/^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,4})(\]?)$/";

    return preg_match( $shape, $email ) ? $email : FALSE;
}

/**
 * Remove a single leading comma from a comma-delimited string.
 *
 * Only the first character is affected: ",,a" becomes ",a".
 *
 * @param string $t Input string
 * @return string Parsed string
 */
function trim_leading_comma($t)
{
    return preg_replace( '/^,/', '', $t );
}
/**
 * Remove a single trailing comma from a comma-delimited string.
 *
 * Only one comma is removed ("a,," becomes "a,"). Because the pattern uses
 * "$" without the D modifier, a comma directly before a final "\n" is
 * removed as well.
 *
 * @param string $t Input string
 * @return string Parsed string
 */
function trim_trailing_comma($t)
{
    return preg_replace( '/,$/', '', $t );
}
/**
 * Collapse runs of two or more commas in a comma-delimited string to one.
 *
 * @param string $t Input string
 * @return string Parsed string
 */
function clean_comma($t)
{
    // ",,+" is the same as ",{2,}": one comma followed by at least one more.
    return preg_replace( '/,,+/', ',', $t );
}
/**
 * Clean a permission string (wrapper for the comma cleaners): collapse
 * repeated commas, then drop one leading and one trailing comma.
 *
 * @param string $t Input string
 * @return string Parsed string
 */
function clean_perm_string($t)
{
    $collapsed = $this->clean_comma($t);
    $noLeading = $this->trim_leading_comma($collapsed);

    return $this->trim_trailing_comma($noLeading);
}

/**
 * Guess the user's operating system from the User-Agent header.
 *
 * Substring checks on the lower-cased UA: "mac" is tested before "win", so
 * a UA containing both yields 'mac'; anything else is 'unknown'.
 *
 * @return string 'mac', 'windows' or 'unknown'
 */
function fetch_os()
{
    $useragent = strtolower($this->my_getenv('HTTP_USER_AGENT'));

    if ( strpos( $useragent, 'mac' ) !== false )
    {
        return 'mac';
    }

    // The original pattern "wi(n|n32|ndows)" always matches on its "win"
    // prefix, so a plain substring test is equivalent.
    if ( strpos( $useragent, 'win' ) !== false )
    {
        return 'windows';
    }

    return 'unknown';
}
/**
 * Guess the user's browser and version from the User-Agent header.
 *
 * The lower-cased UA is tested against a fixed list of substrings in
 * order; the first hit wins and its version is extracted with the pattern
 * listed next to it. When that pattern does not match, $ver[1] is undefined
 * (PHP notice) and 'version' comes back as null.
 *
 * @return array [ 'browser' => string, 'version' => string|int|null ]
 */
private function fetch_browser()
{
    $useragent = strtolower($this->my_getenv('HTTP_USER_AGENT'));

    // needle => array( browser name, version pattern ). Order matters: an
    // earlier needle shadows later ones (e.g. 'gecko' before 'mozilla').
    $signatures = array(
        'opera'     => array( 'opera',     "#opera[ /]([0-9\.]{1,10})#" ),
        'msie'      => array( 'ie',        "#msie[ /]([0-9\.]{1,10})#" ),
        'safari'    => array( 'safari',    "#safari/([0-9.]{1,10})#" ),
        'gecko'     => array( 'gecko',     "#gecko/(\d+)#" ),
        'mozilla'   => array( 'mozilla',   "#^mozilla/[5-9]\.[0-9.]{1,10}.+rv:([0-9a-z.+]{1,10})#" ),
        'konqueror' => array( 'konqueror', "#konqueror/([0-9.]{1,10})#" ),
    );

    foreach ( $signatures as $needle => $entry )
    {
        if ( strstr( $useragent, $needle ) )
        {
            preg_match( $entry[1], $useragent, $ver );

            return array( 'browser' => $entry[0], 'version' => $ver[1] );
        }
    }

    // Nothing recognised.
    return array( 'browser' => 'unknown', 'version' => 0 );
}
/**
 * Read a server/environment variable.
 *
 * $_SERVER is consulted first; when the key is missing there, or its value
 * is falsy ('' or '0'), getenv() is used instead. The result is therefore
 * whatever $_SERVER or getenv() holds (normally a string), or FALSE when
 * getenv() does not know the key either.
 *
 * @param string $key Variable name (e.g. 'HTTP_USER_AGENT')
 * @return mixed The value, or FALSE when unset
 */
public function my_getenv($key)
{
    $value = array();

    if ( is_array( $_SERVER ) AND count( $_SERVER ) AND isset( $_SERVER[$key] ) )
    {
        $value = $_SERVER[$key];
    }

    // Fall back to getenv() when $_SERVER had nothing usable.
    return $value ? $value : getenv($key);
}
/**
 * Recursively rewrite the values of a superglobal array in place.
 *
 * Recursion stops at depth 10 so a request such as foo[][][][]... cannot
 * drive unbounded recursion. Only values are touched; keys are left alone
 * here (parse_incoming_recursively() cleans leaf keys separately).
 *
 * NOTE(review): as printed, three of the four replacements reproduce their
 * input: '\0' in a preg_replace() replacement is the whole-match
 * backreference, and the '%00' and '../' str_replace() calls search for
 * and insert the same text. Only the second line changes anything (a NUL
 * byte becomes the literal text \x00). The upstream source most likely
 * used entity-encoded replacements that were decoded when this was posted;
 * confirm before relying on it.
 *
 * @param array $data      Array to clean (modified by reference)
 * @param int   $iteration Current recursion depth
 */
private function clean_globals( &$data, $iteration = 0 )
{
    // Depth cap: anything nested deeper is simply left as it is.
    if( $iteration >= 10 )
    {
        return $data;
    }

    if( count( $data ) )
    {
        foreach( $data as $k => $v )
        {
            if ( is_array( $v ) )
            {
                $this->clean_globals( $data[ $k ], $iteration+1 );
            }
            else
            {
                # Null byte characters: the two-character text "\0", a real
                # NUL byte (the pattern is /\x00/ after PHP unescaping) and
                # the URL-encoded form.
                $v = preg_replace( '/\\\0/' , '\0', $v );
                $v = preg_replace( '/\\x00/', '\x00', $v );
                $v = str_replace( '%00' , '%00', $v );

                # File traversal
                $v = str_replace( '../' , '../', $v );

                $data[ $k ] = $v;
            }
        }
    }
}
/**
 * Define empty indexes so later reads do not raise undefined-index notices.
 *
 * Only 'area' is defaulted here: it becomes '' when absent or null.
 */
private function define_indexes()
{
    $this->input['area'] = isset($this->input['area']) ? $this->input['area'] : '';
}
/**
 * Copy $data into $input, cleaning leaf keys and values on the way.
 *
 * Nested arrays are handled by recursion into a fresh array; recursion
 * stops at depth 10 (the $input built so far is returned as is) so a
 * request such as foo[][][][]... cannot drive unbounded recursion.
 *
 * NOTE(review): only leaf keys go through parse_clean_key(); the key under
 * which a nested array is stored is used raw. Confirm whether that is
 * intended.
 *
 * @param array $data      Source array (by reference; not written to here)
 * @param array $input     Array the cleaned entries are added to
 * @param int   $iteration Current recursion depth
 * @return array Cleaned input
 */
private function parse_incoming_recursively( &$data, $input=array(), $iteration = 0 )
{
    if( $iteration >= 10 )
    {
        return $input;
    }

    foreach( $data as $k => $v )
    {
        if ( is_array( $v ) )
        {
            // Sub-arrays start from an empty target, one level deeper.
            $input[ $k ] = $this->parse_incoming_recursively( $data[ $k ], array(), $iteration+1 );
            continue;
        }

        $cleanKey = $this->parse_clean_key( $k );
        $input[ $cleanKey ] = $this->parse_clean_value( $v );
    }

    return $input;
}
/**
 * Clean the incoming request and work out the client's IP address.
 *
 * Runs clean_globals() over $_GET, $_POST, $_COOKIE and $_REQUEST, then
 * builds $this->input from $_GET and $_POST (POST entries overwrite GET
 * entries with the same key; cookies are cleaned but not copied in).
 * Also fills $this->ip_address, $this->query_string_safe,
 * $this->query_string_real, $this->query_string_formatted and
 * $this->input['request_method'].
 *
 * Side effects: prints a message and exit()s when no dotted-quad IP can be
 * determined and no SHELL environment variable is present.
 *
 * @return array The cleaned input
 */
public function parse_incoming()
{
    // Attempt to switch off magic quotes. Both functions were removed in
    // PHP 7; "@" only silences warnings and does not stop the fatal
    // "undefined function" error, so on PHP 7+ these two lines need
    // replacing before anything else runs.
    @set_magic_quotes_runtime(0);

    $this->get_magic_quotes = @get_magic_quotes_gpc();

    // Clean globals, first (values only; leaf keys are handled below).
    $this->clean_globals( $_GET );
    $this->clean_globals( $_POST );
    $this->clean_globals( $_COOKIE );
    $this->clean_globals( $_REQUEST );

    # GET first
    $input = $this->parse_incoming_recursively( $_GET, array() );

    # Then overwrite with POST
    $input = $this->parse_incoming_recursively( $_POST, $input );

    $this->input = $input;

    $this->define_indexes();

    // Sort out the accessing IP (thanks to Cosmos and schickb).
    // Candidates are collected in order of preference: X-Forwarded-For
    // entries (last hop first), three further proxy headers, and finally
    // REMOTE_ADDR. Everything except REMOTE_ADDR is a request header the
    // client can set, so the resulting ip_address is only trustworthy when
    // a trusted proxy in front of this server overwrites those headers.
    $addrs = array();

    foreach( array_reverse( explode( ',', $this->my_getenv('HTTP_X_FORWARDED_FOR') ) ) as $x_f )
    {
        $x_f = trim($x_f);

        // Dotted quad only: no octet-range check (999.1.1.1 passes) and no IPv6.
        if ( preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $x_f ) )
        {
            $addrs[] = $x_f;
        }
    }

    $addrs[] = $this->my_getenv('HTTP_CLIENT_IP');
    $addrs[] = $this->my_getenv('HTTP_X_CLUSTER_CLIENT_IP');
    $addrs[] = $this->my_getenv('HTTP_PROXY_USER');

    $addrs[] = $this->my_getenv('REMOTE_ADDR');

    // Do we have one yet? The first candidate matching the dotted-quad
    // pattern wins. When the pattern does not match, $match is empty and
    // the concatenation yields '...', which the loop treats as "no result".
    foreach ( $addrs as $ip )
    {
        if ( $ip )
        {
            preg_match( "/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/", $ip, $match );

            $this->ip_address = $match[1].'.'.$match[2].'.'.$match[3].'.'.$match[4];

            if ( $this->ip_address AND $this->ip_address != '...' )
            {
                break;
            }
        }
    }

    // Make sure we take a valid IP address. An IPv6-only REMOTE_ADDR ends
    // up here too, because only dotted quads are accepted above. The SHELL
    // check lets command-line runs continue without an IP.
    if ( ( ! $this->ip_address OR $this->ip_address == '...' ) AND !$this->my_getenv('SHELL') )
    {
        print "Could not determine your IP address";
        exit();
    }

    # Backwards compat: assigned after cleaning, so a request parameter
    # named IP_ADDRESS cannot override it.
    $this->input["IP_ADDRESS"] = $this->ip_address;

    // Make a safe query string. As printed, the second call replaces '&'
    // with '&' and leaves query_string_real identical to
    // query_string_safe; the upstream source probably used an entity here
    // that was decoded when this was posted -- confirm.
    $this->query_string_safe = str_replace( '&amp;', '&', $this->parse_clean_value( urldecode($this->my_getenv('QUERY_STRING')) ) );
    $this->query_string_real = str_replace( '&' , '&' , $this->query_string_safe );

    // Format it: drop the "<baseurl>/index.<ext>?" prefix and any
    // "s=<32 alphanumerics>" parameter (presumably a session id -- verify).
    $this->query_string_formatted = str_replace( $this->vars['baseurl'] . '/index.'.$this->vars['php_ext'].'?', '', $this->query_string_safe );
    $this->query_string_formatted = preg_replace( "#s=([a-z0-9]){32}#", '', $this->query_string_formatted );

    # Assign request method
    $this->input['request_method'] = strtolower($this->my_getenv('REQUEST_METHOD'));

    return $this->input;
}
/**
 * Clean a single input value (used on every GET/POST leaf and on the query
 * string).
 *
 * Strips magic-quotes slashes, rewrites a handful of characters/sequences
 * that matter in HTML or SQL context, turns "\n" into "<br />", drops "\r"
 * and chr(0xCA), and finally repairs numeric entities.
 *
 * NOTE(review): in this listing nearly every str_replace() searches for
 * and inserts the same text (e.g. "&" -> "&"), and the double-quote line
 * reads `'"' , """`, which is not valid PHP. The upstream source evidently
 * used HTML-entity replacements (&amp;, &lt;, &quot;, ...) that were
 * decoded when the code was posted; as printed this function does not
 * parse. Even with the strings restored it is an input-time escaper, not a
 * substitute for context-specific output escaping or parameterised SQL.
 *
 * @param string $val Raw value
 * @return string Cleaned value ('' for an empty value)
 */
public function parse_clean_value($val)
{
    // Loose comparison: null (and, on PHP < 8, integer 0) also ends here.
    if ( $val == "" )
    {
        return "";
    }

    $val = str_replace( " ", " ", $this->txt_stripslashes($val) );

    // As cool as this entity is... (the search string is empty as printed;
    // str_replace() with an empty search leaves the value unchanged)
    $val = str_replace( "" , '' , $val );

    $val = str_replace( "&" , "&" , $val );
    $val = str_replace( "<!--" , "<!--" , $val );
    $val = str_replace( "-->" , "-->" , $val );
    $val = preg_replace( "/<script/i" , "<script" , $val );
    $val = str_replace( ">" , ">" , $val );
    $val = str_replace( "<" , "<" , $val );
    $val = str_replace( '"' , """ , $val );
    $val = str_replace( "\n" , "<br />" , $val ); // Convert literal newlines
    $val = str_replace( "$" , "$" , $val );
    $val = str_replace( "\r" , "" , $val ); // Remove literal carriage returns
    $val = str_replace( "!" , "!" , $val );
    $val = str_replace( chr(0xCA), "", $val ); //Remove sneaky spaces
    $val = str_replace( "'" , "'" , $val ); // IMPORTANT: It helps to increase sql query safety.

    // Ensure unicode chars are OK: "&#NNN;" is kept as it is (as printed
    // the replacement equals the match).
    $val = preg_replace("/&#([0-9]+);/s", "&#\\1;", $val );

    // Try and fix up HTML entities with a missing ";": "&#123x" -> "&#123;x".
    $val = preg_replace( "/&#(\d+?)([^\d;])/i", "&#\\1;\\2", $val );

    return $val;
}
/**
 * Undo magic_quotes_gpc escaping when it was active for this request.
 *
 * $this->get_magic_quotes is set by parse_incoming(); when it is falsy the
 * value is returned untouched.
 *
 * @param string $t Input value
 * @return string Value with slashes stripped when magic quotes were on
 */
public function txt_stripslashes($t)
{
    return $this->get_magic_quotes ? stripslashes($t) : $t;
}
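/**
 * Clean an array key coming from GET/POST.
 *
 * The key is URL-decoded once more (keys from $_GET/$_POST were already
 * decoded once by PHP, so "%252e%252e" still reaches the ".." check),
 * HTML-escaped with htmlspecialchars(), then stripped of every ".." and of
 * any "__name__" segment. Nothing else is removed: the former trailing
 * preg_replace( "/^([\w\.\-\_]+)$/", "$1", ... ) only replaced a fully safe
 * key with itself, so it enforced no whitelist and has been dropped.
 *
 * @param string|int $key Raw array key
 * @return string Cleaned key ('' for an empty key)
 */
function parse_clean_key($key)
{
    // Strict comparison: with == an integer key 0 compared equal to "" on
    // PHP < 8 and was silently turned into the empty-string key.
    if ($key === "")
    {
        return "";
    }

    $key = htmlspecialchars(urldecode($key));
    $key = str_replace( "..", "", $key );
    // Drop "__anything__" segments (shortest match: "__a__b__" loses "__a__").
    $key = preg_replace( "/\_\_(.+?)\_\_/", "", $key );

    return $key;
}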
?>