目的为了防止mysql注入操作。
回复讨论(解决方案)
[\s\S]*?or[\s\S]*?\d+[\s\S]*?=[\s\S]*?\d+
过滤空格和特殊字符
$a = array( "or 1 = 1", "Or 1 = 1", "or 3 =3", "or now() = now()", "or 'a' = 'a'",);foreach($a as $s) echo $s, " :\t\t", preg_match('/or\b.+(\b\w+\b)[^=]*=.*\1/i', $s), PHP_EOL;
登录后复制
or 1 = 1 : 1Or 1 = 1 : 1or 3 =3 : 1or now() = now() : 1or 'a' = 'a' : 1
登录后复制