I'm cleaning up an old app that I wrote, fixing some of the vulnerabilities from attacks.
I have roughly 30 files. I want to be able to edit every $_POST and $_GET.
Code:
$value = $_POST['value'];
$value = $_GET['value'];
My instinct would be to edit every file and do it manually:
Code:
$value = $_POST['value'];
$value = mysql_real_escape_string($value);
$value = $_GET['value'];
$value = mysql_real_escape_string($value);
But if there was a faster way it would make my life easier. What I would like to do is maybe create a function I can put at the top of every page or into my global.php, which is included in every page, that would do something like this:
Code:
if (get_magic_quotes_gpc()) {
    $value = stripslashes($value);
} else {
    $value = mysql_real_escape_string($value);
}
I don't intend to have magic quotes on, but other people might on their servers.
I just need every $_POST or $_GET within my script to be automatically cleaned or filtered from SQL injections.
I saw something a long time ago where it was something they put at the top of their page. This will be completely wrong, but I will give you an example of what it looked like:
Code:
$_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);
I'm not too sure how that goes about affecting everything, where to put it, etc.
Any ideas or suggestions? Or am I stuck doing it manually?
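
Blanket escaping of the request arrays compared with validating and binding each value at the query, as an added example that is not part of the original post. It uses PDO with an in-memory SQLite database instead of the mysql_* functions above, and the table, rows, input values and helper names (escape_all, find_feedback) are constructed for illustration.

```php
<?php
// Added example, not the poster's code. Table, rows and input values are constructed.
// An in-memory SQLite database via PDO keeps it runnable offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE feedback (id INTEGER PRIMARY KEY, author TEXT, body TEXT)");
$db->exec("INSERT INTO feedback (author, body) VALUES ('alice', 'first'), ('bob', 'second')");

// Constructed request data standing in for $_GET / $_POST.
$input = ['id' => '1 OR 1=1', 'author' => "o'brien", 'body' => 'third'];

// Stand-in for array_map('mysql_real_escape_string', $_GET): escapes quote
// characters in every value, with no knowledge of where the value will be used.
function escape_all(PDO $db, array $data): array
{
    return array_map(fn($v) => substr($db->quote((string) $v), 1, -1), $data);
}

// 1. Blanket escaping, value placed in an unquoted numeric context.
//    The id contains no quote characters, so escaping leaves it unchanged
//    and the text after the number becomes part of the WHERE clause.
$escaped = escape_all($db, $input);
$rows = $db->query("SELECT id FROM feedback WHERE id = {$escaped['id']}")
           ->fetchAll(PDO::FETCH_COLUMN);
echo "escaped + concatenated: ", count($rows), " row(s)\n";

// 2. Validate the type, then bind: the value never becomes SQL text.
function find_feedback(PDO $db, string $rawId): array
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT);
    if ($id === false) {
        return [];                       // not an integer: reject outright
    }
    $stmt = $db->prepare("SELECT id, author FROM feedback WHERE id = :id");
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
echo "validated + bound:      ", count(find_feedback($db, $input['id'])), " row(s)\n";

// 3. String values are bound as-is; the stored text keeps its apostrophe and
//    no stripslashes()/magic-quotes handling is involved.
$ins = $db->prepare("INSERT INTO feedback (author, body) VALUES (:author, :body)");
$ins->execute([':author' => $input['author'], ':body' => $input['body']]);
echo "stored author: ", $db->query("SELECT author FROM feedback WHERE id = 3")->fetchColumn(), "\n";
```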