im cleaning up an old app that I wrote fixing some of the vulernabilities from attacks.
I have roughly 30 files. I want to be able to edit every $_POST and $_GET
Code: $value=$_POST['value'];
$value=$_GET['value'];
my instinct would be to edit every file and do it manually
Code: $value=$_POST['value'];
$value=mysql_real_escape_string($value)
$value=$_GET['value'];
$value=mysql_real_escape_string($value)
but if there was a faster way it would make my life easier. What I would like to do is to maybe create a function i can put at the top of every page or into my global.php which is included into every page that would do something like this
Code:
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}else{
$value=mysql_real_escape_string($value)
}
i dont intend to have magic quotes on, but other people might on there servers.
I just need every $_POST or $_GET within my script to be automaticly cleaned or filtered from SQL Injections
I saw something a long time ago where it was something they put at the top of there page, this will be completely wrong, but i will give u an example of what it looked like
Code: $_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);
im not to sure how that goes about effecting everything, where to put it, etc
Any ideas or suggestions? Or am I stuck doing it manually.
New Search Engine
Hey everyone,I have a ZIP Code Radius search engine already functional. it displays all of the ZIP codes within a specified mileage around a central ZIP code.I have an auction site that the client
PHP If Else statement for breadcrumb
HiI am trying to use a PHP if else statement to display a breadcrumb link on wordpressThe codeLine number On/Off | Expand/Contract <div class="triple silhouette_break">
need help in update query
i create a form for update. there are 8 columns in my mysql table. on my main page all the data is retrieve from db and displayed on the page. after every row there is a link edit. when user click
Add_Months not Easy to Understand
Oracle is number 1, very fast and very easy. But....
ereg_replace issue
hi there peoplei have this code happening with regards to my wamp server. is this something that can be sorted out? would this happen on a normal remote server that has lamp on with the necessary
Find only certain URLs from page ... regex (semi-complete script)
Hi guys,What I need to do is take a page & extract all the URLs from the page & place them in an array.However I only need to grab certain
redirect standard error and assert (how to?)
How do you redirect standard error and assert?---(Why? I am creating an web app and assert does not show on the webpage. I do not think standard error does either. Not sure, but fairly certain.
Production Order Enterprise Service to Manufacturing Exctn Sys (MES) ???
Hello Experts,
PHP login form help (Done Most of It)
Hi i am having a problem, when i try logging in it is always saying "Invalid Login" im not sure what is going wrong, a week ago i had it working. I cant remember the change i did but i know
session checking in page load
hai all
