//PHP过虑禁用字符，入数据库前（PHP代码函数）         function safe_str($str){      $array=array('receive.php','select','insert','update','delete','union','into','load_file','outfile');      if(!is_array($str)){          foreach($array as $v){              $str=preg_replace("#({$v})#i","-\\${1}-",$str);            }          //$str=preg_replace("![][xX]([A-Fa-f0-9])!","x \\${1}",$str);          $str=str_replace("'",''',$str);          $str=str_replace('"','"',$str);          $str=str_replace("--",'-',$str);          $str=str_replace("\\*",'\\-*',$str);          $str=str_replace("\\\\",'monxin_backslash',$str);          $r=$str;      }else{          $r=array();          foreach($str as $key=>$value){              //$key=safe_str($key);              $r[$key]=safe_str($value);          }             }              return $r;  }