I'm cleaning up an old app that I wrote, fixing some of the vulnerabilities from attacks.
I have roughly 30 files. I want to be able to edit every $_POST and $_GET:
Code:
$value=$_POST['value'];
$value=$_GET['value'];
My instinct would be to edit every file and do it manually:
Code:
$value=$_POST['value'];
$value=mysql_real_escape_string($value);
$value=$_GET['value'];
$value=mysql_real_escape_string($value);
But if there was a faster way it would make my life easier. What I would like to do is maybe create a function I can put at the top of every page, or into my global.php which is included into every page, that would do something like this:
Code:
// Undo magic quotes first, then always escape, so the value is escaped exactly once.
if (get_magic_quotes_gpc()) {
    $value = stripslashes($value);
}
$value = mysql_real_escape_string($value);
I don't intend to have magic quotes on, but other people might on their servers.
I just need every $_POST or $_GET within my script to be automatically cleaned or filtered from SQL injections.
I saw something a long time ago where it was something they put at the top of their page. This will be completely wrong, but I will give you an example of what it looked like:
Code:
$_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);
I'm not too sure how that goes about affecting everything, where to put it, etc.
Any ideas or suggestions? Or am I stuck doing it manually?
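
One way to centralize this in a shared include such as global.php, added here as an example that is not part of the original post: read request values through one helper and pass them to the database as bound parameters, then compare that with escape-and-concatenate on an unquoted numeric column. The helper names `input()` and `db_query()`, the `users` table, and the in-memory SQLite database are assumptions made so the script runs offline.

```php
<?php
// Added example: constructed data, hypothetical helper and table names.
// Needs the pdo_sqlite extension; the same PDO calls work with a mysql: DSN.

// Return one raw request value, undoing magic quotes on servers that add them
// (the feature only exists before PHP 5.4, so the call is guarded).
function input($source, $key)
{
    if (!isset($source[$key]) || !is_string($source[$key])) {
        return null; // missing, or an array such as ?id[]=1
    }
    $magic = PHP_VERSION_ID < 50400 && get_magic_quotes_gpc();
    return $magic ? stripslashes($source[$key]) : $source[$key];
}

// Run a query with bound parameters; values never become part of the SQL text.
function db_query($pdo, $sql, $params = array())
{
    $stmt = $pdo->prepare($sql);
    $stmt->execute($params);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Constructed request: the value contains no quote characters at all.
$_GET = array('id' => '1 OR 1=1');
$id = input($_GET, 'id');

// Escaping only protects quoted strings. Here the value has nothing to escape
// and the column is unquoted, so the condition is rewritten (addslashes stands
// in for mysql_real_escape_string, which needs a live MySQL connection).
$escaped = addslashes($id);
$rows = $pdo->query("SELECT name FROM users WHERE id = $escaped")->fetchAll();
echo 'escaped + concatenated: ', count($rows), " rows\n";

// Bound parameter: the whole string is compared as one value.
$rows = db_query($pdo, 'SELECT name FROM users WHERE id = ?', array($id));
echo 'bound parameter:        ', count($rows), " rows\n";
```

The `mysql_*` functions were removed in PHP 7.0 and magic quotes in PHP 5.4, so a helper built on bound parameters also keeps working where the blanket `array_map` approach cannot run.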