Zend - The PHP Company






StringChk  

Type: code fragment
Added by: fath
Entered: 03/06/2001
Last modified: 06/12/2000
Rating: - (fewer than 3 votes)
Views: 4166
Simple fragment to check whether a user-supplied string contains forbidden chars, which may lead our PHP script to behave in an unexpected way.


<?php

// Returns 1 if $str contains none of the forbidden chars or words, 0 otherwise.
function stringchk($str) {
  $forbidden_chars = array("/", "\"", "\\", "..", "`", "<", ">");
  $forbidden_words = array("DELETE", "SELECT", "UPDATE", "ALTER");
  $valid = 0;
  $contains_forbidden_chars = 0;
  $contains_forbidden_words = 0;
  foreach ($forbidden_chars as $value) {
    // stristr() returns false when $value does not occur in $str
    if (stristr($str, $value) !== false) {
      $contains_forbidden_chars++;
    }
  }
  foreach ($forbidden_words as $value) {
    // Case-insensitive substring match, so "Selection" also counts as SELECT
    if (stristr($str, $value) !== false) {
      $contains_forbidden_words++;
    }
  }
  if ($contains_forbidden_chars == 0 AND $contains_forbidden_words == 0) {
    $valid = 1;
  }
  return $valid;
}

?>


Usage Example


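<?php

include("php/stringchk.php");
// $str holds the user-supplied string to check
$valid = stringchk($str);
// The string may still contain HTML metacharacters, so encode it before echoing
$safe = htmlspecialchars($str, ENT_QUOTES);
if ($valid == 1) {
  echo "String $safe is valid";
}
else {
  echo "String $safe contains forbidden chars";
}
?>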
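
An added example, not part of the original submission: it runs the blocklist check above next to a per-field allowlist, a prepared statement and output encoding, on constructed inputs. The names `stringchk_blocklist` and `is_valid_display_name`, the `people` table and the in-memory SQLite database (which needs the pdo_sqlite extension) are assumptions made for illustration.

```php
<?php
// Added example, not the original author's code. All names are hypothetical.

// Compact equivalent of the page's stringchk(): 1 = accepted, 0 = rejected.
function stringchk_blocklist(string $str): int {
    $forbidden = ["/", "\"", "\\", "..", "`", "<", ">",
                  "DELETE", "SELECT", "UPDATE", "ALTER"];
    foreach ($forbidden as $value) {
        if (stristr($str, $value) !== false) {
            return 0;
        }
    }
    return 1;
}

// Allowlist for one specific field (a display name): Unicode letters and
// digits, space, apostrophe, dot, hyphen; 1 to 64 characters, nothing else.
function is_valid_display_name(string $str): bool {
    return preg_match('/\A[\p{L}\p{N} \'.\-]{1,64}\z/u', $str) === 1;
}

// Constructed sample inputs.
$samples = ["Selection Committee", "O'Brien", "Ann\r\nSmith", "<b>Ann</b>"];

// In-memory SQLite database (assumes the pdo_sqlite extension is loaded).
$db = new PDO("sqlite::memory:");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE people (name TEXT)");
// The value is bound as data, so quotes or SQL keywords in it stay inert.
$insert = $db->prepare("INSERT INTO people (name) VALUES (:name)");

foreach ($samples as $s) {
    $ok = is_valid_display_name($s);
    printf("%-24s blocklist=%d allowlist=%d\n",
           json_encode($s), stringchk_blocklist($s), $ok);
    if ($ok) {
        $insert->execute([":name" => $s]);
    }
}

// Encode for the HTML context at output time, whatever validation ran earlier.
foreach ($db->query("SELECT name FROM people") as $row) {
    echo htmlspecialchars($row["name"], ENT_QUOTES, "UTF-8"), "\n";
}
```

The blocklist rejects "Selection Committee" because it contains SELECT and accepts "Ann\r\nSmith" with its control characters; the allowlist decides the opposite way on both.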

