Senin, 05 Juli 2010

STOP SQL INJECTION!

  1. //This stops SQL Injection in POST vars
  2. foreach ($_POST as $key => $value)
  3.         if(isset($_POST['{$key}']))
  4.                 $_POST[$key] = mysql_real_escape_string($value);
  5.  
  6. //This stops SQL Injection in GET vars
  7. foreach ($_GET as $key => $value)
  8.         if(isset($_GET['{$key}']))
  9.          $_GET[$key] = mysql_real_escape_string($value);


=====================================================
//This stops SQL Injection in POST vars
foreach ($_POST as $key => $value)
    if(isset($_POST['{$key}']))
        $_POST[$key] = mysql_real_escape_string($value);
 
//This stops SQL Injection in GET vars
foreach ($_GET as $key => $value)
    if(isset($_GET['{$key}']))
        $_GET[$key] = mysql_real_escape_string($value);
Diposting oleh di