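<?php
####################################################################
# PHP CGI-Filter, can be used with $_COOKIE, $_POST, $_GET, etc...
# Date : 11/05/2003
# Version : 0.9
# Author : Cameron Jacobson
# Questions / Comments : cameron@tripdubdev.com
# Please send word of any benchmarks produced, best order for the 'alphabet' string, etc...
# Installation: Include the following line at the top of your script
# include 'filename.php'; where filename is the name of this file
# Instructions:
# Define the characters you will allow in your PHP apps in the
# $alphabet variable...
# AND, add variables accordingly if you want to filter
# $_COOKIE, $_FILES, $_SESSION variables, etc...
# NOTE: In order for this filter to be useful, you should not have
# REGISTER_GLOBALS on, or should at least not program
# your scripts as though it were on
# LICENSE : To use this piece of software you must agree with
# the terms and conditions of the GNU GPL.
####################################################################
#
# Review notes on what this filter does and does not cover:
# - The full "<?php" open tag is used. With short_open_tag disabled a
#   file opened with "<?" is sent to the client as text and no
#   filtering happens at all.
# - Only the VALUES of $_GET and $_POST are rewritten. Parameter names,
#   $_COOKIE, $_FILES and $_SERVER are untouched, and $_REQUEST keeps
#   its own raw copy of the input because it is a separate array.
# - The allow-list below contains < > = and /, so markup can pass
#   through. Context-specific output escaping and parameterised
#   queries are still required; this filter does not replace them.
# - Values are lower-cased before filtering, so the upper-case letters
#   in the allow-list never match anything.

# Allow-list of characters kept in filtered values.
# NOTE(review): the leading "rn" looks like "\r\n" whose backslashes were
# lost when the listing was published; confirm against the original file.
# As written, CR and LF are NOT allowed and are stripped from values.
$alphabet="rn abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890<>=/._";

# Guarded so that including this file more than once does not trigger a
# "cannot redeclare" fatal error.
if (!function_exists('cgi_filter_value')) {
    /**
     * Lower-case, trim and strip every character not in the allow-list.
     *
     * Array values (e.g. from "name[]=..." parameters) are filtered
     * recursively; their keys are left as they are.
     *
     * @param mixed  $value    A request value: a string or a nested array of strings.
     * @param string $alphabet Characters that may remain in the result.
     * @return mixed The filtered string, or an array with the same keys and filtered values.
     */
    function cgi_filter_value($value, $alphabet)
    {
        if (is_array($value)) {
            $clean = array();
            foreach ($value as $k => $v) {
                $clean[$k] = cgi_filter_value($v, $alphabet);
            }
            return $clean;
        }

        # Same normalisation order as the original: lower-case, trim, then filter.
        $value = trim(strtolower((string) $value));

        # Iterate by length, not by truthiness of the character: the character
        # "0" is falsy in PHP, so a truthiness-driven loop stops scanning at the
        # first zero and leaves the rest of the value unchecked.
        $out = '';
        $len = strlen($value);
        for ($i = 0; $i < $len; $i++) {
            $ch = $value[$i];
            # The double quote is rejected explicitly, as the original intended,
            # so it stays blocked even if someone adds it to $alphabet.
            if ($ch !== '"' && strpos($alphabet, $ch) !== false) {
                $out .= $ch;
            }
        }
        return $out;
    }
}

# Copies of the request data as received. These remain UNFILTERED and stay
# in global scope for scripts that already read them; use $_GET / $_POST
# for the filtered values.
$post = $_POST;
$get = $_GET;

# foreach visits every parameter, including the first one. The original
# counted down with "while ($count > 0)" and never filtered index 0.
foreach ($get as $key => $variable) {
    $_GET[$key] = cgi_filter_value($variable, $alphabet);
}
foreach ($post as $key => $variable) {
    $_POST[$key] = cgi_filter_value($variable, $alphabet);
}
?>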