im cleaning up an old app that I wrote fixing some of the vulernabilities from attacks.
I have roughly 30 files. I want to be able to edit every $_POST and $_GET
Code: [Select]$value=$_POST['value'];
$value=$_GET['value'];
my instinct would be to edit every file and do it manually
Code: [Select]$value=$_POST['value'];
$value=mysql_real_escape_string($value)
$value=$_GET['value'];
$value=mysql_real_escape_string($value)
but if there was a faster way it would make my life easier. What I would like to do is to maybe create a function i can put at the top of every page or into my global.php which is included into every page that would do something like this
Code: [Select]
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}else{
$value=mysql_real_escape_string($value)
}
i dont intend to have magic quotes on, but other people might on there servers.
I just need every $_POST or $_GET within my script to be automaticly cleaned or filtered from SQL Injections
I saw something a long time ago where it was something they put at the top of there page, this will be completely wrong, but i will give u an example of what it looked like
Code: [Select]$_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);
im not to sure how that goes about effecting everything, where to put it, etc
Any ideas or suggestions? Or am I stuck doing it manually.
How to generate a random array of integers subject to a certain constraint
I am writing a program that asks the user to enter an integer N and then generates a random array of integers of size 2^N, each of whose entries range from 1 to N+1. The final random array, however,
Error: SQL Syntax; Line 1
Code: <?php require "global_settings.php"; ?><title><?php echo $sitetitle; ?></title><center><style
does anyone know a php script to send mail using gmails/googles free smtp server
cause i heard u can do that but i dont know how
email CODING Problem
Email coding problem.I need to send a section of the info to $tf and the same as a Cc to $email and also I need the full info to be sent to my@mail.com. how to do that?summery:only selected Info: name
connect() succeeds but accept() does not?
Please help me with this problem. I'm working on a time-sensitive project where I'm using TCP sockets. I've got this problem where most of the time a connection cannot be made.
php global variable
how can we create global variable so we can use its value in any form.. Please give example to
Redistributing dependent dlls
Hai all ,I have created an application in VC++ using VS2008 in a development machine which runs on Vista, now i need to run that application in a target machine which runs on windows XP SP2 which does
Do While statement
hi guys,This may sound trivial but im new to php and as part of an assignmenti have to construct the 10 green bottles song using the do while statement. I can do the statement but it is itengrating
User registration and login
I don't know whether this is the correct forum, if not i apologise but am pretty desperate at the moment.I have a phpbb3 forum and have a custom registration form. the password is hashed usering the
Two fgetcsv related questions ;D
First of im trying to get a file from a merchants server but the directory is protected, I know the user and pass obviously but im wondering how i can pass the login details through to the script
