Jump to content
Fórum Script Brasil
  • 0

Anti Sql Injection E Tags Html


Beraldo
 Share

Question

Script postado por: Fabyo

Anti SQL Injection e tags HTML

Essa função que eu fiz é bem simples e basica é mais pra usuarios iniciantes

terem noção de como proteger suas paginas contra comandos sql malicioso e ainda proteger suas paginas contra tags html que quando não são tratadas o usuario malicioso pode inserir no seu banco <marquee>Texto</marquee> <font color="cor_fonte">texto</font>. etc...

/* Fabyo Guimaraes de Oliveira 17/12/2004*/
function anti_injection($string){

  $string = str_ireplace(" or ", "", $string);
  $string = str_ireplace("select ", "", $string);
  $string = str_ireplace("delete ", "", $string);
  $string = str_ireplace("create ", "", $string);
  $string = str_replace("#", "", $string);
  $string = str_replace("=", "", $string);
  $string = str_replace("--", "", $string);
  $string = str_replace(";", "", $string);
  $string = str_replace("*", "", $string);
  $string = trim($string);
  $string = strip_tags($string);
  $string = addslashes($string);

  return $string;
}

//aqui eu pego todos os dados vindos do form 
//e tratos todos de uma vez e já cria as variaveis correspondentes
foreach ($_POST as $campo => $valor) {
   $$campo = anti_injection ($valor);
}

Link to comment
Share on other sites

3 answers to this question

Recommended Posts

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share



  • Forum Statistics

    • Total Topics
      151k
    • Total Posts
      649.1k
×
×
  • Create New...