이 함수는 제목 그대로 POST 로 넘어 온 값들을 체크해서 필터링하는 함수입니다. 필터링은 이메일, 그림 URL, HTTP URL 를 제외한 나머지 값들을 htmlspecialchars() 로 필터하게 됩니다.

 <!-- Demo form for the filter below: the bracketed field names (a3[], a4[4][5],
      a7[11][12][13][14], ...) make PHP build nested $_POST arrays, which the
      recursive filter walks; x, a5 and a6 carry markup to show the escaping. -->
 <form enctype="multipart/form-data" action="" method="POST">  
 <input type="text" name="x" value="<b>" /><br /> 
 <input type="text" name="y" value="http://localhost/img/logo.gif" /><br /> 

 <input type="text" name="a3[]" value="1" /><br /> 
 <input type="text" name="a3[]" value="1" /><br /> 
 <input type="text" name="a3[]" value="1" /><br /> 
 <input type="text" name="a4[4][5]" value="habony@gmail.com" /><br /> 
 <input type="text" name="a5[6][aaaa]" value="<a href='#'>habony</a>" /><br /> 
 <input type="text" name="a6[8][9][10]" value="<jikedo@gmail.com,>" /><br /> 

 <input type="text" name="a7[11][12][13][14]" value="5" /><br /> 
 <input type="text" name="a7[11][12][13][15]" value="5" /><br /> 
 <input type="text" name="122" value="6" /><br /> 
 <input type="submit" value="전송" />  
 </form>  

 <?php  
 /**
  * Split a syntactically valid e-mail address into (local part, full address).
  *
  * @param string $email candidate address
  * @return array|false [text before the first '@', $email] when
  *                     FILTER_VALIDATE_EMAIL accepts the input, false otherwise
  */
 function PHP_MAIL_Email_Confirmation($email)
 {
     if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
         return false;
     }

     // before_needle = true: everything up to (not including) the first '@'.
     $localPart = strstr($email, '@', true);

     return [$localPart, $email];
 }
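 /**
  * Filter one request value in place, recursing into nested arrays.
  *
  * - http/https URLs ending in .jpg/.gif/.png/.bmp become an <img> tag, other
  *   http/https URLs become an <a> link; the URL is attribute-escaped in both.
  * - Addresses accepted by FILTER_VALIDATE_EMAIL become a mailto: link
  *   labelled with the local part.
  * - Everything else is entity-encoded with FILTER_SANITIZE_SPECIAL_CHARS.
  *
  * Written as an array_walk_recursive() callback, hence the ($value, $key)
  * signature. $key is unused and defaults to null so the function can also be
  * called directly on the whole $_POST array (PHP 7.1+ would otherwise throw
  * ArgumentCountError for a one-argument call).
  *
  * @param mixed $value scalar or (nested) array; rewritten in place
  * @param mixed $key   key supplied by array_walk_recursive(); ignored
  */
 function Organization_Filter(&$value, $key = null)
 {
     if (is_array($value)) {
         array_walk_recursive($value, 'Organization_Filter');
         return;
     }

     $value = trim((string) $value);

     // FILTER_VALIDATE_URL accepts any scheme that carries a host (ftp://,
     // data://, ...), so restrict to http/https before the value is emitted as
     // a link target or image source; anything else falls through to the
     // generic entity-encoding branch.
     $scheme = strtolower((string) parse_url($value, PHP_URL_SCHEME));
     $isHttpUrl = filter_var($value, FILTER_VALIDATE_URL) !== false
         && in_array($scheme, ['http', 'https'], true);

     if ($isHttpUrl) {
         // Ex. http://example.com/test.php?name=habony&age=10
         // Escape for a double-quoted attribute: besides "&" -> "&amp;" (all the
         // original did, and only for links) this also encodes quotes and angle
         // brackets so the URL cannot terminate the src/href attribute.
         $safeUrl = htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
         $imageExtensions = ['.jpg', '.gif', '.png', '.bmp'];

         if (in_array(substr(strtolower($value), -4), $imageExtensions, true)) {
             $value = sprintf('<img src="%s">', $safeUrl);
         } else {
             $value = sprintf('<a href="%s">%s</a>', $safeUrl, $safeUrl);
         }
     } elseif (filter_var($value, FILTER_VALIDATE_EMAIL) !== false) {
         $parts = PHP_MAIL_Email_Confirmation($value);
         if ($parts === false) {
             // Unreachable after FILTER_VALIDATE_EMAIL passed; fail closed anyway.
             $value = htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
         } else {
             list($name, $email) = $parts;
             // A valid address may still contain quotes or brackets (quoted
             // local parts), so escape both pieces before inlining them.
             $value = sprintf(
                 '<a href="mailto:%s">%s</a>',
                 htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
                 htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
             );
         }
     } else {
         // NOTE(review): FILTER_FLAG_ENCODE_HIGH encodes every byte above 0x7F
         // separately, so multibyte UTF-8 input comes out as one entity per
         // byte; kept as-is to preserve the documented output, but verify this
         // is what callers want for non-ASCII text.
         $value = filter_var(
             $value,
             FILTER_SANITIZE_SPECIAL_CHARS,
             FILTER_FLAG_ENCODE_HIGH
         );
     }
 }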


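 // Filter every POST value in place. The explicit null key matters: the
 // callback is declared as (&$value, $key), and PHP 7.1+ raises
 // ArgumentCountError when the second argument is left out.
 Organization_Filter($_POST, null);
 // Dumped raw on purpose so the generated <img>/<a> markup renders in the demo.
 print_r($_POST);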
 /* 
 결과: 
 Array 
 ( 
    [x] => &#60;,b&#62; 
    [y] => <img src="http://localhost/img/logo.gif"> 
    [a3] => Array 
        ( 
            [0] => 1 
            [1] => 1 
            [2] => 1 
        ) 
    [a4] => Array 
        ( 
            [4] => Array 
                ( 
                    [5] => <a href="mailto:habony@gmail.com">habony</a> 
                ) 
        ) 
    [a5] => Array 
        ( 
            [6] => Array 
                ( 
                    [aaaa] => &#60;a href=&#39;#&#39;&#62;habony&#60;/a&#62; 

                ) 
        ) 
    [a6] => Array 
        ( 
            [8] => Array 
                ( 
                    [9] => Array 
                        ( 
                            [10] => &#60;jikedo@gmail.com,&#62; 
                        ) 
                ) 
        ) 
    [a7] => Array 
        ( 
            [11] => Array 
                ( 
                    [12] => Array 
                        ( 
                            [13] => Array 
                                ( 
                                    [14] => 5 
                                    [15] => 5 
                                ) 
                        ) 
                ) 
        ) 
    [122] => 6 
 ) 
 */ 
 ?>
