S
sunnydiv
Guest
i made this following code, to hope it will protect from mysql injection
tell me if u find a bug or something
function remove_bad($value)
{
$value = addslashes($value);
$value = strip_tags($value);
echo ereg_replace("select", "nselectn", $value);
echo ereg_replace("delete", "ndeleten", $value);
echo ereg_replace("drop", "ndropn", $value);
echo ereg_replace("update", "nupdaten", $value);
echo ereg_replace("where", "nwheren", $value);
return $value;
}
reverse. hopefully you know, how this is going to work
function add_bad($value)
{
echo ereg_replace("nselectn", "select", $value);
echo ereg_replace("ndeleten", "delete", $value);
echo ereg_replace("ndropn", "drop", $value);
echo ereg_replace("nupdaten", "update", $value);
echo ereg_replace("nwheren", "where", $value);
$value = stripslashes($value);
return $value;
}
source, mysite *www.rokda.info/forum/sutra14.html#14
tell me if u find a bug or something
function remove_bad($value)
{
$value = addslashes($value);
$value = strip_tags($value);
echo ereg_replace("select", "nselectn", $value);
echo ereg_replace("delete", "ndeleten", $value);
echo ereg_replace("drop", "ndropn", $value);
echo ereg_replace("update", "nupdaten", $value);
echo ereg_replace("where", "nwheren", $value);
return $value;
}
reverse. hopefully you know, how this is going to work
function add_bad($value)
{
echo ereg_replace("nselectn", "select", $value);
echo ereg_replace("ndeleten", "delete", $value);
echo ereg_replace("ndropn", "drop", $value);
echo ereg_replace("nupdaten", "update", $value);
echo ereg_replace("nwheren", "where", $value);
$value = stripslashes($value);
return $value;
}
source, mysite *www.rokda.info/forum/sutra14.html#14