thinking about above post ... migfht be better having a file:
antiinjection.php
then just using:
at the top of every page
antiinjection.php
PHP Code:
<?php
if(isset($_REQUEST)){foreach($_REQUEST as $key=>$value){$_REQUEST[$key]=mysql_real_escape_string(htmlspecialchars($value));}}
if(isset($_SERVER)){foreach($_SERVER as $key=>$value){$_SERVER[$key]=mysql_real_escape_string(htmlspecialchars($value));}}
if(isset($_SESSION)){foreach($_SESSION as $key=>$value){$_SESSION[$key]=mysql_real_escape_string(htmlspecialchars($value));}}
?>
PHP Code:
include 'antiinjection.php';
Comment