Forbidden Words
SQL statements which can be dangerous.
I will create an array witch contains all these words and a function to test whether the request contains these words.
$forbidden = array(';','DELETE','DO','INSERT','UPDATE','REPLACE','ALTER','CREATE','DROP','RENAME','DESCRIBE','USE','LOAD'); $tmp_found = false; foreach ($forbidden as $forbidden_word) { if (stristr($_POST['request'],$forbidden_word)) $tmp_found = true; } |
Follow Us!