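/**
 * Strip a fixed set of characters from a string, then HTML-encode what is left.
 *
 * Removed: < > ' ; & " % ) ( | ?
 * The original also "replaced" the comma with itself, so commas pass through unchanged.
 *
 * This is a denylist, so it is only a coarse pre-filter. The value still has to be
 * escaped for the exact context it is written into (HTML text, attribute, URL,
 * JavaScript) at the point of output.
 *
 * @param string $str Raw value.
 * @return string Value with the listed characters removed.
 */
function antiXSS($str)
{
    // str_replace() stands in for the original ereg_replace() calls. The ereg extension
    // was removed in PHP 7.0, and every pattern used here was a single literal character,
    // so no regular expression is needed.
    $str = str_replace(array('<', '>', "'", ';', '&', '"', '%', ')', '(', '|', '?'), '', $str);

    // All characters htmlspecialchars() would encode (& < > " ') are already gone; the call
    // is kept from the original as a last safety net.
    // NOTE(review): the commented-out SJIS variant in antiSQLInjection() suggests non-UTF-8
    // input is possible; confirm the charset htmlspecialchars() assumes matches the page.
    return htmlspecialchars($str);
}

/**
 * Strip quotes, SQL comment markers, control characters and other punctuation from a string.
 *
 * Removed: < > ' " ; & % ) ( | ? backslash, TAB, CR, LF and the sequence "--".
 * The original also "replaced" the comma with itself, so commas pass through unchanged.
 *
 * This is a denylist and must not be the only defence: any query that uses the result
 * should bind it as a parameter of a prepared statement, and numeric identifiers should
 * be validated as integers. The result is not HTML-encoded.
 *
 * @param string $str Raw value.
 * @return string Value with the listed characters removed.
 */
function antiSQLInjection($str)
{
    // TAB/CR/LF and the backslash are removed BEFORE the "--" pass. The original removed
    // "--" first, so stripping a control character afterwards could join two separate
    // dashes back into a comment marker.
    // The original ereg_replace("[\r\n\]", ...) bracket expression matched CR, LF and the
    // backslash; all three are covered by this list.
    $str = str_replace(
        array('<', '>', "'", '"', ';', '&', '%', ')', '(', '|', '?', '\\', "\t", "\n", "\r"),
        '',
        $str
    );
    $str = str_replace('--', '', $str);

    //$str = htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
    //$str = htmlspecialchars($str, ENT_QUOTES, 'SJIS');
    return $str;
}

// Request parameters. A missing key or a non-string value (e.g. ?ID[]=x arrives as an
// array) is treated as an empty string, so the filters always receive a string and no
// "undefined index" notice is raised.
// NOTE(review): how $ID, $sc, $sb and $gr are used later is not visible here; confirm
// they are bound as query parameters and escaped on output.
$ID = antiSQLInjection(isset($_GET['ID']) && is_string($_GET['ID']) ? $_GET['ID'] : '');
$sc = antiSQLInjection(isset($_GET['sc']) && is_string($_GET['sc']) ? $_GET['sc'] : '');
$sb = antiSQLInjection(isset($_GET['sb']) && is_string($_GET['sb']) ? $_GET['sb'] : '');
$gr = antiSQLInjection(isset($_GET['gr']) && is_string($_GET['gr']) ? $_GET['gr'] : '');

// Disabled check kept from the original ("アクセスエラー" means "access error"):
//if(strlen($sc)==0|strlen($sb)==0){
//    die("アクセスエラー");
//}

//HTML 040805 Akiba
// Cache busting: a unique (date/time) value is appended to the end of URLs.
date_default_timezone_set("UTC");
$strc = date("U");
?>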