question about stripslashes and real_escape_string


Posted on 16th Feb 2014 07:03 pm by admin

im cleaning up an old app that I wrote fixing some of the vulernabilities from attacks.

I have roughly 30 files. I want to be able to edit every $_POST and $_GET

Code: $value=$_POST['value'];
$value=$_GET['value'];
my instinct would be to edit every file and do it manually

Code: $value=$_POST['value'];
$value=mysql_real_escape_string($value)


$value=$_GET['value'];
$value=mysql_real_escape_string($value)

but if there was a faster way it would make my life easier. What I would like to do is to maybe create a function i can put at the top of every page or into my global.php which is included into every page that would do something like this

Code:
if (get_magic_quotes_gpc()) {

$value = stripslashes($value);
}else{
$value=mysql_real_escape_string($value)

}
i dont intend to have magic quotes on, but other people might on there servers.

I just need every $_POST or $_GET within my script to be automaticly cleaned or filtered from SQL Injections

I saw something a long time ago where it was something they put at the top of there page, this will be completely wrong, but i will give u an example of what it looked like

Code: $_GET = array_map('mysql_real_escape_string', $_GET);
$_POST = array_map('mysql_real_escape_string', $_POST);
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);

im not to sure how that goes about effecting everything, where to put it, etc

Any ideas or suggestions? Or am I stuck doing it manually.

No comments posted yet

Your Answer:

Login to answer
291 Like 25 Dislike
Previous forums Next forums
Other forums

show the direct link into href
I want to display link on the page. i am fetching the data(URL) from database,actually before that i

Validation
Hello

I know this is a really vag question.

I need to have a input field on a form th

Strange cookie problem. setcookie dependant on where user was directed from?
Hello,

I have a website that sets a cookie when a user visits the website. The cookie holds a

Displaying returned XML in another PHP page
I have an online payment form that will return XML given if a payment is successful or declines. I

how can i display php source code snippets ?
I am outputting some pho code .. and I want to display the source code so people can copy and paste

cstdatomic (c++0x std::atomic) / g++ 4.4
Hello,

I'm trying to use cstdatomic (std::atomic in the upcoming c++0x standard) in g++

PHP hyperlinks generator - HELP plz
Hi

I need some help to get this done using php:


1 - I have few hyperlinks say 500

Loop Through Date Range
Hi guys,
I have date range as parameter like 01/JAN/2009 TO 16/JAN/2009 now i want to loop thro

Basic Question about Threading and PHP...
I have a page that I am working on and it is taking several hours to process. The basics of what th

Sequencing or queuing parallel process
Scenario is as follows
There is one parent process say P1 and 4 child processes say A B C D

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash