Tht dnt stop hacking lol
-
-
I Uses this when i used to use lavalairPHP Code:ini_set("display_errors", "0");
if(!get_magic_quotes_gpc())
{
$_GET = array_map('trim', $_GET);
$_POST = array_map('trim', $_POST);
$_COOKIE = array_map('trim', $_COOKIE);
$_GET = array_map('addslashes', $_GET);
$_POST = array_map('addslashes', $_POST);
$_COOKIE = array_map('addslashes', $_COOKIE);
}
E107 Security Team Leader
Proudly Support AccountLab Plus Billing Software
Want your Apps to be Developed ??? mail us your requirement at info@csarlab.com
------------------Comment
-
where to put that?Comment
-
i think that comes in core.phpComment
-
yes it is in core.phpComment
-
re
ini_set("display_errors", "0");
if(!get_magic_quotes_gpc())
{
$_GET = array_map('trim', $_GET);
$_POST = array_map('trim', $_POST);
$_COOKIE = array_map('trim', $_COOKIE);
$_GET = array_map('addslashes', $_GET);
$_POST = array_map('addslashes', $_POST);
$_COOKIE = array_map('addslashes', $_COOKIE);
}
its true prevent sql inject?Comment
-
Easy and very usefull:PHP Code:function clean($str)
{
$str = @trim($str);
if(get_magic_quotes_gpc())
{
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
$test = clean($_REQUEST['test']);
$test = clean($_POST['test']);
$test = clean($_GET['test']);www.inbuzunar.mobi - Your mobile portal pocketComment
-
Post this in your core.Php
hehehe. . .PHP Code:function check_injection()
{
$badchars = array("DROP", "SELECT", "UPDATE", "DELETE", "DELETE" , "UNION", "WHERE", "FROM");
foreach($_REQUEST as $value)
{
if(in_array(strtoupper($value), $badchars))
{
$logfile= 'log/log.txt'; //chmod 777
$IP = $_SERVER['REMOTE_ADDR'];
$logdetails= date("F j, Y, g:i a") . ': ' . '<a href=http://dnsstuff.com/tools/city.ch?ip='.$_SERVER['REMOTE_ADDR'].' target=_blank>'.$_SERVER['REMOTE_ADDR'].'</a>';
$fp = fopen($logfile, "r+");
fwrite($fp, $logdetails, strlen($logdetails));
fclose($fp);
header('Location:http://go-to-hell.com');
}
else
{
$check = preg_split("//", $value, -1, PREG_SPLIT_OFFSET_CAPTURE);
foreach($check as $char)
{
if(in_array(strtoupper($char), $badchars))
{
$logfile= 'log/log.txt';
$IP = $_SERVER['REMOTE_ADDR'];
$logdetails= date("F j, Y, g:i a") . ': ' . '<a href=http://dnsstuff.com/tools/city.ch?ip='.$_SERVER['REMOTE_ADDR'].' target=_blank>'.$_SERVER['REMOTE_ADDR'].'</a>';
$fp = fopen($logfile, "r+");
fwrite($fp, $logdetails, strlen($logdetails));
fclose($fp);
header('Location:http://go-to-hell.com');
}
}
}
}
}
Find me on facebookPHP Code:/* I don't know everything hehe */
Comment
-
use:PHP Code:function safe($text)
{
$safe = stripslashes($text);
if(function_exists("mysql_real_escape_string"))
{
$safe = mysql_real_escape_string($safe);
}else if(function_exists("mysql_escape_string"))
{
$safe = mysql_escape_string($safe);
}
return $safe;
}
$str = safe($_POST['str']);
$str = safe($_GET['str']);My Blog: http://jhommark.blogspot.com
My Facebook: http://www.facebook.com/jhommark
My Official Site: http://www.undergroundweb.tk
My Community Site: http://undergroundwap.xtreemhost.comComment
-
Where do i use d scriptComment
-
how to stop sql blocking when some one comes and makes a external link to avatar, forum posts. how to stop that?Comment
-
try to make something like go.php, so when someone adds a link, it will loose everything in there, then redirect to the desired url.Originally posted by murshid7 View Postmysterio.al - programming is a functional artComment
-
thisOriginally posted by jsyguy23 View Post
could be a lot betterPHP Code:$uid = mysql_escape_string(strip_tags(htmlspecialchars($_GET['uid'])));
キノgんイノ刀g 4 ア乇ムc乇 ノ丂 レノズ乇 キucズノ刀g 4 √ノ尺gノ刀ノイリ!It's better to keep your mouth shut and give the impression that you're stupid, than to open it and remove all doubt.
ⓣⓗⓔ ⓠⓤⓘⓔⓣⓔⓡ ⓨⓞⓤ ⓑⓔ©ⓞⓜⓔ, ⓣⓗⓔ ⓜⓞⓡⓔ ⓨⓞⓤ â“â“¡â“” â“ⓑⓛⓔ ⓣⓞ â“—â“”â“â“¡ !
ιη тнєσÑу, тнє ÏÑα¢тι¢є ιѕ α Ñєѕυℓт σƒ тнє тнєσÑу, вυт ιη ÏÑα¢тι¢є ιѕ тнє σÏÏσѕιтє.Comment
-
-
remove all forms of request password, or forgotten password to avoid the send me the password hacking methodComment
Comment