im cleaning up an old app that I wrote fixing some of the vulernabilities from attacks.
I have roughly 30 files. I want to be able to edit every $_POST and $_GET
Code: [Select]$value=$_POST['value'];
$value=$_GET['value'];
my instinct would be to edit every file and do it manually
Code: [Select]$value=$_POST['value'];
$value=mysql_real_escape_string($value)
$value=$_GET['value'];
$value=mysql_real_escape_string($value)
but if there was a faster way it would make my life easier. What I would like to do is to maybe create a function i can put at the top of every page or into my global.php which is included into every page that would do something like this
Code: [Select]
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}else{
$value=mysql_real_escape_string($value)
}
i dont intend to have magic quotes on, but other people might on there servers.
I just need every $_POST or $_GET within my script to be automaticly cleaned or filtered from SQL Injections
I saw something a long time ago where it was something they put at the top of there page, this will be completely wrong, but i will give u an example of what it looked like
Code: [Select]$_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);
im not to sure how that goes about effecting everything, where to put it, etc
Any ideas or suggestions? Or am I stuck doing it manually.
user data not transferring to new page
I'm a PHP learner. After an index.php page, the user goes to a login.php page. Both pages seem to be working.After logging in with username, password, and a special code, the user is transferred to
Text file to .Dat file Conversion in PHP
Hi All, Could anybody provide code for Text file to .Dat file Conversion in PHP. Thanks,
comparing tables across databases sql refinement ideas required
Hi all
check comment for html
hi, I just wanted to check if a comment a user posts contains HTML, and if it does, to not allow it to be posted.this is my current php, any help would be very much appreciated! thanks.Code:
Can't find a decent web analytics!!!
I've downloaded and installed Piwik. It's location detection based on IP addresses is fairly inaccurate even after installing the recommended plugins. Can someone please suggest a free solution with
Help? Need help on project with templates involving mysql and php.
I'm having a hard time explaining what I want but basically here is what I have in place:-Database with 500 members signed up and using under a table called 'users'-Php page that people click a link
pls clear my confusion
Hi friends,Pls solve my query .what is the exact use of Scope Resolution Operator( in classes.
Simple image grab script.
I was wondering if it was possible and if anyone knew how to make a simple php script that looks at one specified directory and makes <img src="*.*" \> type links out of it?ive
file downloaded can't be read !!
<?php $fileName = 'mypic.jpg';$mimeType = 'image/jpeg';header('content-disposition: attachment; filename=' . $fileName);header('content-type: ' . $mimeType);header('content-length: ' .
simple script won't work. Please help
I'm new to php, and I am having trouble displaying a simple script in my web browser. My php code executes fine but the html tags in my script are treated as text and displayed on the page. This is
