A simple way to protect against code injection : U-Trade
Author: Cristea Iulian



A simple way to protect against code injection is to check variables, before they are entered into the database, for a few words that can damage your database.

The most dangerous words are select, update, insert and delete, which can retrieve, modify or insert data in your application.

You can either replace these words, which leaves dead code, or reject the input if they are used.

Here is code that you can use, as an example for a username field:

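<?php
// Read the submitted username (empty string if the field is missing).
$username = $_POST["username"] ?? "";
// SQL keywords to strip from the value before it is used in a query.
$badWords = array("select", "update", "insert", "delete", "drop");
// str_ireplace() matches regardless of case, so "SELECT" is removed as well.
for ($i = 0; $i < count($badWords); $i++)
	$username = str_ireplace($badWords[$i], '', $username);
?>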


You can update $badWords if needed.
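The "deny" variant mentioned above, placed next to a prepared statement, as an added example that is not part of the original tutorial. The function names, the `users` table and the sample names are hypothetical, and the code assumes the pdo_sqlite extension. It shows that the word list rejects ordinary names containing a listed word and does not look at quote characters, while a bound parameter stores every value as plain data.

```php
<?php
// Added example: function, table and sample names are hypothetical.
// Assumes the pdo_sqlite extension is available (in-memory database).

// The tutorial's word list in its "deny" form: reject instead of rewriting.
function containsBadWord(string $value, array $badWords): bool
{
    foreach ($badWords as $word) {
        if (stripos($value, $word) !== false) {   // case-insensitive match
            return true;
        }
    }
    return false;
}

// Bound parameter: the driver passes $username as data, never as SQL text.
function saveUser(PDO $db, string $username): void
{
    $stmt = $db->prepare('INSERT INTO users (username) VALUES (:username)');
    $stmt->execute([':username' => $username]);
}

$badWords = ['select', 'update', 'insert', 'delete', 'drop'];

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT NOT NULL)');

// Constructed sample inputs: ordinary names a registration form may receive.
$samples = ['alice', "O'Brien", 'Selectra', 'raindrop_42'];

foreach ($samples as $name) {
    $verdict = containsBadWord($name, $badWords)
        ? 'denied by word list'
        : 'passes word list';
    // Stored regardless of the verdict, to show the bound parameter at work.
    saveUser($db, $name);
    printf("%-12s %s\n", $name, $verdict);
}

// Every value comes back exactly as submitted, quote character included.
foreach ($db->query('SELECT username FROM users ORDER BY id') as $row) {
    echo 'stored: ', $row['username'], "\n";
}
```

If the word list is kept, it works best as an extra validation step in front of the prepared statement, since the bound parameter is what keeps the submitted value out of the SQL text.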




U-Trade © All rights reserved 2006-2008