- Joined
- Nov 11, 2004
- Messages
- 810
- Reaction score
- 0
Well, to start things off, this is a modded version of one that was posted by someone else...I forgot his name, but if you search for it, I'm sure you could find it. I've added more things to it to make it more secure and reliable. Here they are:
This also works faster by a few mili seconds. This is the first of many PHP releases that I will be making to RaGEZONE. I use this very same script on the KolieMU site (soon to come). I hope you enjoy it.
[N]asser` ~ Out
PHP:
// Anti-SQL Injection
function check_inject()
{
$badchars = array(";", "'", "\"", "*", "DROP", "SELECT", "UPDATE", "DELETE", "-");
foreach($_POST as $value)
{
if(in_array($value, $badchars))
{
die("SQL Injection Detected\n<br />\nIP: ".$_SERVER['REMOTE_ADDR']);
**
else
{
$check = preg_split("//", $value, -1, PREG_SPLIT_OFFSET_CAPTURE);
foreach($check as $char)
{
if(in_array($char, $badchars))
{
die("SQL Injection Detected\n<br />\nIP: ".$_SERVER['REMOTE_ADDR']);
**
**
**
**
**
This also works faster by a few mili seconds. This is the first of many PHP releases that I will be making to RaGEZONE. I use this very same script on the KolieMU site (soon to come). I hope you enjoy it.
[N]asser` ~ Out
Last edited: