I’m thinking of trying to build a super class to protect forms.
Whoever has new ideas, post them here so I can keep updating.
Would anyone add anything else?
function seguro($sql){
    // removes words that contain SQL syntax
    $sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/"),"",$sql);
    $sql = strip_tags($sql); // strips HTML and PHP tags
    $sql = addslashes($sql); // adds backslashes to a string
    if(!get_magic_quotes_gpc()) {
        $obj = addslashes($sql);
        return $sql;
    }
    return $sql;
}
Version: 1.2
This function is like that sticker, "smile, you are being filmed", only without cameras. I recommend reading: How to validate each data type received from a form?
– rray
@rray It wouldn’t work?
– Tiago
If the system stores song names, your function will 'eat' some of them with this replacement: "Wherever i may roam" becomes "ver i may roam". sql_regcase was deprecated in PHP 5.3 and removed in 7. You can use prepared statements to avoid SQL injection. – rray
@rray You can edit the code.
– Tiago
Creating a class or library for common tasks is a great idea; I think GitHub is a better tool for this. "Whoever has new ideas, post them here so I can keep updating" is very broad and does not fit well in the Q&A format. Remember that you can ask for feedback on the site chat. – rray
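The contrast raised in the comments above, between the keyword filter and prepared statements, as an added example that is not code from the thread. It assumes PDO with the SQLite driver and an in-memory database; seguro_like(), find_song(), the songs table and the sample titles are constructed for illustration, and the /i flag stands in for sql_regcase().

```php
<?php
// Added example, not code from the thread. seguro_like(), find_song(), the songs
// table and the sample titles are constructed for illustration.

// Same steps as seguro(); the /i flag stands in for sql_regcase(), which no
// longer exists in PHP 7+.
function seguro_like(string $s): string {
    $s = preg_replace('/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/i', '', $s);
    return addslashes(strip_tags($s));
}

// Prepared statement: the title is sent as a bound parameter, separate from the SQL text.
function find_song(PDO $db, string $title): array {
    $stmt = $db->prepare('SELECT title FROM songs WHERE title = :title');
    $stmt->execute([':title' => $title]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = new PDO('sqlite::memory:');   // assumes the pdo_sqlite extension is loaded
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE songs (id INTEGER PRIMARY KEY, title TEXT NOT NULL)');

// Constructed sample data: ordinary titles that happen to contain filtered tokens.
$titles = ['Wherever I May Roam', "Sweet Child O' Mine", 'Select Start -- Demo #2'];
$insert = $db->prepare('INSERT INTO songs (title) VALUES (:title)');
foreach ($titles as $title) {
    $insert->execute([':title' => $title]);
}

foreach ($titles as $title) {
    $filtered = seguro_like($title);      // what the filter would hand to the query
    $found    = find_song($db, $title);   // exact lookup through a bound parameter
    printf("input    : %s\n", $title);
    printf("filtered : %s%s\n", $filtered, $filtered === $title ? '' : '   <-- data changed');
    printf("prepared : %s\n\n", $found === [$title] ? 'stored and matched unchanged' : 'MISMATCH');
}
```

Every sample title comes back altered from the filter (keywords removed, a backslash added before the apostrophe), while the bound-parameter path stores and matches each one byte for byte.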