Loading Page

A simple way to protect against code injection

Hello Guest
Links
Google Search
search
categories
css
css
html
html
javascript
javascript
photoshop
photoshop
php
php
    »   Security



Paypal
Do you have something to do in code, design or animation and you don't know how?
Send us an e-mail and will do a tutorial which will solve your problem.

Documentations for any level of knowledge, from beginners to advanced programmers, and even for those who just want a 'piece of code'
tutorials U-Trade
tutorials U-Trade

A simple way to protect against code injection

+ Share and Enjoy
Author: Cristea Iulian



1 from 9 vots
Vote up
Vote down
Vote this article
A simple way to protect against code injection is that you can verify variables before entering them into database for a few words that can damage your database.

The most dangerous words are: select, update, insert and delete, those that can retrieve, modify or insert data into your application.

You can either replace these words resulting a dead code or deny them if used.

Here is the code that you can use, as example for a username field: 

<?
$username = $_POST["username"];
$badWords = array("select", "update", "insert", "delete", "drop");
for($i = 0; $i < count($badWords); $i++)
	$username = str_replace($badWords[$i], '', $username);
?>


You can update the $badWords if need it.


+ post a comment


Bill
1 year and 7 months ago1 year and 7 months ago
That's a fast way


sitemap   |   terms and conditions   |   contact
U-Trade © All rights reserved 2006-2010 | A simple way to protect against code injection : U-Trade Tutorials
Subdomains
Languages
send us a message
Info
Tools
Contact
preview
Rollover icons to see their description in this box
gadgets