im cleaning up an old app that I wrote fixing some of the vulernabilities from attacks.
I have roughly 30 files. I want to be able to edit every $_POST and $_GET
Code: [Select]$value=$_POST['value'];
$value=$_GET['value'];
my instinct would be to edit every file and do it manually
Code: [Select]$value=$_POST['value'];
$value=mysql_real_escape_string($value)
$value=$_GET['value'];
$value=mysql_real_escape_string($value)
but if there was a faster way it would make my life easier. What I would like to do is to maybe create a function i can put at the top of every page or into my global.php which is included into every page that would do something like this
Code: [Select]
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}else{
$value=mysql_real_escape_string($value)
}
i dont intend to have magic quotes on, but other people might on there servers.
I just need every $_POST or $_GET within my script to be automaticly cleaned or filtered from SQL Injections
I saw something a long time ago where it was something they put at the top of there page, this will be completely wrong, but i will give u an example of what it looked like
Code: [Select]$_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);
im not to sure how that goes about effecting everything, where to put it, etc
Any ideas or suggestions? Or am I stuck doing it manually.
need help in update query
i create a form for update. there are 8 columns in my mysql table. on my main page all the data is retrieve from db and displayed on the page. after every row there is a link edit. when user click
Get relative path from absolute path
How would one go about getting the relative path to a file from its absolute path?
Problem with php's rename function
So, i'm having a problem with the php rename function. Basically my script 'delete_user.php' attempts to copy the users xml file(i stored all users information, in xml files as a backup of my
About imagecopyresampled()
Hello,I am looking to use this function to resize parts of an image to a fixed thumbnail size. I have used this functions many times, but I am trying to become more advanced as time pass by.I have
Comparing Values
HiI'm reading data from a database and this seems to work OK.Each system has an associated series of references..Code:Code: $dn = "cn=System"; $filter="(objectclass=*)";
simplexml and xpath - Need some help
Hello,I am trying to parse an xml which comes back from Amazon and I am trying to know how many Browsenodes are shown within the XML.I am using the classs Tarzan to get the xml from Amazon and the
str_replace help
I am thinking str_replace is my only option to filter outputs from my database to convert them to safe url variables.I am working with a database with over 4million records, and apparently when the
Preventing blank or already entered values
Im trying to learn how to place a read file line by line and prevent duplicate entries and also BLANK entries, into my process php script, using feof, I have failed many times and get so many errors
square instead of number
HelloI do not know why but this code seems to work fine only in my xampp local insallation but not in the remote server. I just see a black square instead of the number 0000000 when I run this code in
TinyMCE / Ajax Postback Problem
Hiya all,I have a page which loads the TinyMCE editor. On the postback I obviously want to fetch that data again but the value stays empty. Strangely enough, when I disable the "updatepanel" control I
