im cleaning up an old app that I wrote fixing some of the vulernabilities from attacks.
I have roughly 30 files. I want to be able to edit every $_POST and $_GET
Code: [Select]$value=$_POST['value'];
$value=$_GET['value'];
my instinct would be to edit every file and do it manually
Code: [Select]$value=$_POST['value'];
$value=mysql_real_escape_string($value)
$value=$_GET['value'];
$value=mysql_real_escape_string($value)
but if there was a faster way it would make my life easier. What I would like to do is to maybe create a function i can put at the top of every page or into my global.php which is included into every page that would do something like this
Code: [Select]
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}else{
$value=mysql_real_escape_string($value)
}
i dont intend to have magic quotes on, but other people might on there servers.
I just need every $_POST or $_GET within my script to be automaticly cleaned or filtered from SQL Injections
I saw something a long time ago where it was something they put at the top of there page, this will be completely wrong, but i will give u an example of what it looked like
Code: [Select]$_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);
im not to sure how that goes about effecting everything, where to put it, etc
Any ideas or suggestions? Or am I stuck doing it manually.
How to know if online site made with PHP
Hello,I see some sites that does not display extensions at all , for example:www.site.com/login (for login page)but how I can know the language used in this site ?Thanks
PHP header help!
Hi all I am trying to get this php page to refresh every 5 seconds on my phone which is an aastra 480i IP desk phone.The code below the header line displays a menu on my phone. That works fine so no
problem with array - multilingual page
this is my test page :Code: <?php if(isset($_GET['lang'])) { if($_GET['lang'] == "en") { require_once("languages/lang-en.php"); }
Date Format
Hi there,I have a date format like this right now:Sat, 17 Oct 2009 17:04:00 I need to turn that into:2009-10-17T17:04:00ZMy thought process was to remove with regex "Sat," and then just
! = ''
In the following 'IF' statement if v_ompcat = PU for example then Oracle equates that 'IF' statement to NOT TRUE and skips onto the next 'IF' satement whereas I would have thought that it would have
Remote Database Access
Hey guys!!OK, i'm used to only working with databases from the CPANEL, accessing phpMyAdmin after setting up a mysql database in the cpanel.I've been asked to setup a website and the client has set up
Class not found error
I am getting Class 'index' not found in Eval function://write config $path = dirname(__FILE__).DS.'..'.DS.'paymentclass'; if ( $model->payment_class ) { if
add to sql result
ok see rite now my sites hit counter is counted from the mysql visitor log i need to clear it after atleast 20 000 but i dont wana loose the count this is how i get the count now how do i add 20
TimeZoneOffset
Hello,Please i need your help. I have a system that users can use to punch in and out. This system has been working fine however the time went one hour behind on sunday and since then the system has
C++ API to Oracle dB
I need to perform a select command to the Oracle dB to obtain information from a table.What libraries can I link into my project to make this work?I read about the OCI - but I cannot find any
