Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Karlos]

function Clean($Var) {
 if (get_magic_globals_gpc() == 1) {
  $Var = stripslashes($Var);
 }
 $Var = mysql_real_escape_string(htmlentities($Var));
 return $Var;
}


Simple yet effective

[Drizzah]

What is the downfall of using this code below. This is basically the code above, but played with some.

function anti_inject($campo)
{
    foreach($campo as $key => $val)
    {
        $val = mysql_real_escape_string(trim(strip_tags($val)));
        $campo[$key] = $val;
    }
    return $campo;
}

$_POST = anti_inject($_POST);
$_POST = str_ireplace("script", "blocked", $_POST);
$_POST = str_ireplace("xss", "blocked", $_POST);
$_GET = anti_inject($_GET);
$_GET = str_ireplace("script", "blocked", $_GET);
$_GET = str_ireplace("xss", "blocked", $_GET);
}

[rpmb]

the downfall is in you using it.

[Drizzah]

the downfall is in you using it.

It's doing what I want it to do so far. I am just asking as alot of people here come up with some good techniques of making it just a little bit better. Also, I am not slow or anything. I do know you are being a smart a$$ about it.

If you do not have a tip to give on a code, a compliment to give on a code or a reason and example of why not to use a code. Then don't bother replying to the post. (Meaningless Posting just to get your reputation higher)!