Filtering


    #16
    Originally posted by GumSlone View Post
    this is not a good solution to prevent mysql injection
    Yeah, but at least it can stop special characters, and we can use mysql_real_escape_string as well as the bad char function, or let's use:


    PHP Code:
    if (!get_magic_quotes_gpc())
    {
        // Magic quotes are off: escape the raw request values.
        $_GET = array_map('mysql_real_escape_string', $_GET);
        $_POST = array_map('mysql_real_escape_string', $_POST);
        $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
    }
    else
    {
        // Magic quotes are on: remove the added slashes first, then escape.
        $_GET = array_map('stripslashes', $_GET);
        $_POST = array_map('stripslashes', $_POST);
        $_COOKIE = array_map('stripslashes', $_COOKIE);
        $_GET = array_map('mysql_real_escape_string', $_GET);
        $_POST = array_map('mysql_real_escape_string', $_POST);
        $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
    }



      #17
      OK, I'm using mysql_real_escape_string in XAMPP, but the special characters are still going into the database.


        #18
        OK,
        so do you want to prevent MySQL injection or filter special chars?

        1. If you want to filter special chars, use the first code I've posted.
        2. If you want to prevent MySQL injection, use mysql_real_escape_string.
        3. If you want to filter chars and prevent MySQL injection, use both.
        4. And if you only want to check the username for special chars, you can use this:
        PHP Code:
        // Reject a username containing anything other than digits, letters, '-', '.' or '_'.
        if (preg_match("/[^\da-zA-Z-._]+/", $username))
            $error .= 'Incorrect username! Please avoid spaces and special chars.';
        fershtein?
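Added example, not part of any post in this thread: post #18 separates filtering characters from preventing injection, and post #17 shows the two being confused. The PHP below pairs the allowlist character set from post #18 with a bound-parameter (prepared statement) query through PDO, a technique swapped in here for the thread's mysql_real_escape_string; the SQLite in-memory database, the users table, the function names and the sample values are assumptions constructed for illustration.

```php
<?php
// Added example, not code from the thread. Assumes PHP 7.1+ with pdo_sqlite;
// the users table, function names and sample values are constructed.

// Allowlist check using the character set from post #18.
function username_error(string $username): ?string
{
    if (strlen($username) < 3) {
        return 'Nick should be a minimum of 3 letters!';
    }
    if (preg_match('/[^\da-zA-Z\-._]/', $username)) {
        return 'Incorrect username! Please avoid spaces and special chars.';
    }
    return null;
}

// Insert with bound parameters: the values never become part of the SQL text.
function add_user(PDO $db, string $username, string $bio): void
{
    $stmt = $db->prepare('INSERT INTO users (username, bio) VALUES (:u, :b)');
    $stmt->execute([':u' => $username, ':b' => $bio]);
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, bio TEXT)');

// Constructed inputs: a nick that fails the allowlist, and a free-text bio
// that legitimately contains quotes and other SQL metacharacters.
$samples = [
    ['bad nick!', 'hello'],
    ['wap_user.01', "it's 100% \"quoted\"; -- text"],
];

foreach ($samples as [$nick, $bio]) {
    $err = username_error($nick);
    if ($err !== null) {
        echo "rejected '$nick': $err\n";
        continue;
    }
    add_user($db, $nick, $bio);
}

// Binding prevents injection but does not remove characters; rejecting
// characters is the validator's job. Compare stored and submitted bio.
$row = $db->query('SELECT username, bio FROM users')->fetch(PDO::FETCH_ASSOC);
var_dump($row['bio'] === $samples[1][1]);
echo count($db->query('SELECT * FROM users')->fetchAll()), " row(s) stored\n";
```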


          #19
          Thank you, I got it working.


            #20
            Originally posted by GiLL View Post
            put this in your confg.php or ini.php


            PHP Code:
            // Returns true if $word contains any character other than lowercase a-z or 0-9.
            function scharin($word)
            {
              $chars = "abcdefghijklmnopqrstuvwxyz0123456789";
              for ($i = 0; $i < strlen($word); $i++)
              {
                $ch = substr($word, $i, 1);
                $nol = substr_count($chars, $ch);
                if ($nol == 0)
                {
                  return true;
                }
              }
              return false;
            }


            Put this line in your register.php and replace $login with your user name etc.

            PHP Code:
            if (scharin($login) == true) $error = $error.'Invalid Characters in Nick!<br/>';
            and


            PHP Code:
            if (strlen($login) < 3) $error = $error.'Nick should be Minimum of 3 words!<br/>';


            If you need more and a stronger filter, send me a PM and I will tell you.
            3 letters

            just correcting


              #21
              Just use htmlpurifier instead of GiLL's cheap attempt at data filtration.



                #22
                Originally posted by mobileGIGS View Post
                Just use htmlpurifier instead of GiLL's cheap attempt at data filtration.
                I wouldn't help any more. You're the master, then give him code and help him instead of making nonsense comments. Mind it, I don't care whatever you know or who you are, and next time don't quote my post.
                Last edited by GiLL; 15.01.10, 03:38.


                  #23
                  And if I quote you, you will...?

                  Oh please, save your **** talk. All I'm saying is, if you want to filter, do it right or don't do it at all. Try htmlpurifier or GiLL's. Your choice. GiLL's is simpler and easier to implement, and the other is harder. Your choice.



                    #24
                    Don't always be over-smart. I have seen you many times. Never use the word "cheap"; whatever it is, at least it could help sometime and somewhere as an easy way. If you had said "use htmlpurifier instead" without "cheap", got it? I am not posting here to get mod status, and I don't even need your suggestion or any type of argument.
                    Last edited by GiLL; 16.01.10, 07:37.