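}else{
    $new_str = $str;
}
return $new_str;
}

/**
 * Strip XSS payloads from a value -- simplified version.
 *
 * Trims the value, removes markup with strip_tags() and HTML-encodes what is
 * left. The result is suitable for an HTML text context only: this is output
 * encoding, not SQL escaping, so a value that ends up in a query still has to
 * be passed as a bound parameter.
 *
 * @param mixed $string Raw value; null and non-scalar values are treated as ''.
 * @return string Trimmed, tag-free, HTML-encoded text.
 */
public function _clean_xss($string){
    // A missing request parameter reaches this method as null and a "name[]=..."
    // parameter as an array. trim(null) is deprecated from PHP 8.1 (an error
    // handler that promotes deprecations turns it into a failure) and
    // trim(array) throws a TypeError on PHP 8, so normalise both to ''.
    if (!is_scalar($string)) {
        return '';
    }

    $string = trim((string) $string);
    $string = strip_tags($string);

    // Explicit flags: single quotes are only encoded by default since PHP 8.1,
    // and ENT_SUBSTITUTE keeps invalid UTF-8 from blanking the whole value.
    $string = htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE);

    // Kept from the original; by now every '<' and '>' is already an entity,
    // so these two replacements can no longer match anything.
    $string = str_ireplace('<script>', '', $string);
    $string = str_ireplace('</script>', '', $string);
    // $string = str_replace(array ('"', "\\", "'", "/", "..", "../", "./", "//" ), '', $string);
    return $string;
}

// Remove the spaces from a string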
return $new_str; } //去除xxs的攻击--简洁版 public function _clean_xss($string){ $string = trim($string); $string = strip_tags($string); $string = htmlspecialchars($string); $string = str_ireplace('<script>', '', $string); $string = str_ireplace('</script>', '', $string); // $string = str_replace(array ('"', "\\", "'", "/", "..", "../", "./", "//" ), '', $string); return $string;
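public $pageSize = '20';
public $pageTitle = '';

/**
 * Read a request parameter: $_GET first, then $_POST, then the default.
 *
 * The value is passed through _clean_xss() (trim, strip_tags, htmlspecialchars),
 * so what comes back is HTML-encoded text. That cleaning is output encoding for
 * HTML only; it does not make the value safe to concatenate into SQL, shell
 * commands or file paths -- use bound parameters or context-specific escaping there.
 *
 * @param string $name         Parameter name to look up.
 * @param mixed  $defaultValue Used when neither $_GET nor $_POST has the name.
 * @return string Cleaned value; '' when the parameter is absent with a null
 *                default, or when the request supplied a non-scalar (array) value.
 */
public function getParam($name,$defaultValue=null){
    $str = isset($_GET[$name]) ? $_GET[$name] : (isset($_POST[$name]) ? $_POST[$name] : $defaultValue);

    // A missing parameter leaves null here and "name[]=..." yields an array.
    // The string functions in _clean_xss() deprecate null (PHP 8.1+) and reject
    // arrays (PHP 8), so hand over a plain string in every case.
    if (!is_scalar($str)) {
        $str = '';
    }

    return $this->_clean_xss((string) $str);
}

// Output a JSON message and end the program
/*protected function _end($error=0, $msg='', $params=array())
{
    echo JSON::encode(array('error'=>$error, 'msg'=>$msg, 'params'=>$params));
    Yii::$app->end();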
$this->pageTitle = $data->name;
return $this->render('info', array('data' => $data));
}

// The user's home page
// Builds a query over book_poet_list (rows with a non-empty img_logo, optionally
// filtered by the "dynasty" request parameter) and renders the 'logo' view.
// The closing brace of this method lies outside the visible excerpt.
public function actionLogo(){
    // Request-controlled value; getParam() returns it after HTML-oriented cleaning.
    $dynasty = $this->getParam('dynasty');
    $where = " img_logo != '' ";
    // NOTE(review): SQL injection risk. $dynasty is concatenated into the SQL text.
    // The cleaning applied by getParam() (trim/strip_tags/htmlspecialchars) is HTML
    // output encoding, not SQL escaping: backslashes pass through unchanged, and so
    // do single quotes unless ENT_QUOTES is in effect (the default only from PHP 8.1).
    // Pass the value as a bound parameter instead of interpolating it.
    // getListBySql()'s signature is not visible here -- TODO confirm whether it
    // accepts parameters, or build the filter with the framework's query builder.
    // Also note that if($dynasty) skips the filter for the value '0'.
    if($dynasty) $where .= " AND dynasty = '{$dynasty}' ";
    $sql = "SELECT * FROM book_poet_list WHERE {$where} ORDER BY id DESC ";
    // Second argument is presumably the page size -- verify against getListBySql().
    $data = $this->getListBySql($sql,'30');
    $this->pageTitle = '诗人列表';
    return $this->render('logo', array('data' => $data));
$args = $this->controller->bindActionParams($this, $params); Yii::debug('Running action: ' . get_class($this->controller) . '::' . $this->actionMethod . '()', __METHOD__); if (Yii::$app->requestedParams === null) { Yii::$app->requestedParams = $args; } return call_user_func_array([$this->controller, $this->actionMethod], $args); } }
} $result = null; if ($runAction && $this->beforeAction($action)) { // run the action $result = $action->runWithParams($params); $result = $this->afterAction($action, $result); // call afterAction on modules foreach ($modules as $module) { /* @var $module Module */
$parts = $this->createController($route); if (is_array($parts)) { /* @var $controller Controller */ list($controller, $actionID) = $parts; $oldController = Yii::$app->controller; Yii::$app->controller = $controller; $result = $controller->runAction($actionID, $params); if ($oldController !== null) { Yii::$app->controller = $oldController; } return $result; }
$params = $this->catchAll; unset($params[0]); } try { Yii::debug("Route requested: '$route'", __METHOD__); $this->requestedRoute = $route; $result = $this->runAction($route, $params); if ($result instanceof Response) { return $result; } $response = $this->getResponse(); if ($result !== null) {
{ try { $this->state = self::STATE_BEFORE_REQUEST; $this->trigger(self::EVENT_BEFORE_REQUEST); $this->state = self::STATE_HANDLING_REQUEST; $response = $this->handleRequest($this->getRequest()); $this->state = self::STATE_AFTER_REQUEST; $this->trigger(self::EVENT_AFTER_REQUEST); $this->state = self::STATE_SENDING_RESPONSE; $response->send();
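// Composer autoloader first, then the Yii class file.
// __DIR__ never ends with a directory separator, so the relative part must start
// with "/". The previous './../vendor/autoload.php' produced "<dir>./../vendor/...",
// which resolves only where the platform ignores a trailing dot in a path
// component (Windows does) and fails elsewhere.
require __DIR__ . '/../vendor/autoload.php';
require __DIR__ . '/../vendor/yiisoft/yii2/Yii.php';

// Application configuration returned by config/web.php.
$config = require __DIR__ . '/../config/web.php';

// Create the web application and handle the current request.
(new yii\web\Application($config))->run();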
$_GET = [ 'page' => '9', ];