im cleaning up an old app that I wrote fixing some of the vulernabilities from attacks.
I have roughly 30 files. I want to be able to edit every $_POST and $_GET
Code: $value=$_POST['value'];
$value=$_GET['value'];
my instinct would be to edit every file and do it manually
Code: $value=$_POST['value'];
$value=mysql_real_escape_string($value)
$value=$_GET['value'];
$value=mysql_real_escape_string($value)
but if there was a faster way it would make my life easier. What I would like to do is to maybe create a function i can put at the top of every page or into my global.php which is included into every page that would do something like this
Code:
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}else{
$value=mysql_real_escape_string($value)
}
i dont intend to have magic quotes on, but other people might on there servers.
I just need every $_POST or $_GET within my script to be automaticly cleaned or filtered from SQL Injections
I saw something a long time ago where it was something they put at the top of there page, this will be completely wrong, but i will give u an example of what it looked like
Code: $_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);
im not to sure how that goes about effecting everything, where to put it, etc
Any ideas or suggestions? Or am I stuck doing it manually.
array_combine() trouble w/csv file
I have a problem with a piece of code I wrote to import some records from a csv file into mysql. I have a .csv file with about 300 records in it. The code worked perfect while testing on 3 or 4
Quick variable question
hey guys/gals, im trying to write a php script and it works fine as i have it, but i need to set it to where it pulls the var from mysql table that it is displayed differeantly. i.e. if $var==abcdefg
Saving PHP output as a file
I wondered if anyone knows how to save the rendered output of a PHP script as a file?I have a script that creates dynamic PDF documents, but want to save it as a file, rather than render it to the
Convert Binary String to Decimal
Trying to Get:Decimal: 305419896Out of:Binary String: xV4
Advice on how to delete a mysql row using my form
Hi,I am very new to php and am struggling to work out how to delete a portfolio item (a row from my database using my form which is here):
First root of a number
Hi, I can't find any function in php to give me the first root of a number.Is there any built-in function for it? For example: 81 => 39 => 364 => 2256 => 2I wrote this
Final year project, please point me in the right direction
hi there for my final year project I'm aiming to build a php script shell to use as an expert system ( I got a feeling this is gonna be difficult, VERY )The idea is that i create txt / csv file with
Renaming a file that a user uploads to site?
My site allows for registered users to upload images to the site under their own gallery. Currently it just leaves the file named as however the person has it named. But what I would like to do is
Need help with unexpected T-STRING error
I'm a newbie and I'm still learning PHP. However this error has me stumped. I've googled, searched the forums, but I can't seem to fix this. I'm sure the fix is obvious, but I so new I really need
remove trailing slash from array
I have the following array which contains trailing slashes I need to remove. What is the best way to accomplish this?Array ( [Field1] => A [Field2] => Test [Field3] =>
