urgh.

Flisker · 08-12-2007, 11:19 AM

Hey,

I was browsing the forum one day and i found a nice clean() function someone made with enhanced stuff etc.. can someone find it please and i will +REP

It had SQL PHP code that it blocks

Thanks,
Chris

Jamieb · 08-12-2007, 11:34 AM

Step 1)
Move your mouse to the search button like this..

Step 2)
Now Press it and a box comes

Step 3)
Type in what you want.

Step 4)

And press go

Easy?

Flisker · 08-12-2007, 11:36 AM

Your funny...

I already done that (or i wouldnt of posted this thread if i didnt) and cant find...

redtom · 08-12-2007, 11:37 AM

Have you even seen the amount of results you get for it? Even using the advanced version and limit the results you have to go though pages and pages of results before you find what you want.

VistaBoy · 08-12-2007, 11:40 AM

was it that one that stop using the text like UPDATE , INSERT and all that??

Flisker · 08-12-2007, 11:50 AM

yea, it was VistaBoy

redtom, yes i did.

VistaBoy · 08-12-2007, 11:53 AM

Originally Posted by Flisker

Originally Posted by VistaBoy

was it that one that stop using the text like UPDATE , INSERT and all that??

yea, it was VistaBoy

yes i was looking for that one the other day but i can not seem to find it a well :S

Flisker · 08-12-2007, 11:56 AM

Its a shame i cleared my History or i would of found it

Beau · 08-12-2007, 11:29 PM

You'd just need a function that ran all the input through mysql_real_escape_string. That filters out anything that may effect an SQL query.

MrCraig · 08-12-2007, 11:32 PM

PHP Code:


function clean($str)
{
$str = strip_tags(addslashes(stripslashes(htmlspecialchars($str))));
$str = mysql_real_escape_string($str);
}

is the one i usually use.

Thread: urgh.

Thread Tools

urgh.

Posting Permissions