
A simple way to protect against code injection

Author: Cristea Iulian






A simple way to protect against code injection is to check variables, before they are written to the database, for a few words that can damage your database.

The most dangerous words are select, update, insert and delete: the ones that can retrieve, modify or insert data in your application.

You can either replace these words, which leaves dead code, or reject the input if they are used.

Here is code you can use, as an example for a username field:

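<?php
// Read the submitted username (empty string if the field is missing).
$username = isset($_POST["username"]) ? $_POST["username"] : '';
// Words to strip from the value before it is used in a query.
$badWords = array("select", "update", "insert", "delete", "drop");
// Remove each listed word; str_replace matches case-sensitively.
for ($i = 0; $i < count($badWords); $i++) {
    $username = str_replace($badWords[$i], '', $username);
}
?>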


You can update $badWords if you need to.
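
The filter above next to a bound-parameter query, as an added example that is not the author's code: the word filter alters legitimate usernames and leaves quotes and upper-case spellings untouched, while a prepared statement stores every value unchanged as data. It assumes PHP 7.1+ with the pdo_sqlite extension; the `users` table, the function names and the sample usernames are constructed for the demonstration.

```php
<?php
// Added example, not the tutorial's code. Table, function names and
// sample values are constructed for this demonstration.

// The tutorial's filter, same behaviour: case-sensitive, one pass per word.
function stripBadWords(string $value): string
{
    $badWords = array("select", "update", "insert", "delete", "drop");
    foreach ($badWords as $word) {
        $value = str_replace($word, '', $value);
    }
    return $value;
}

// Bound parameters: the value travels separately from the SQL text, so
// quotes and SQL keywords inside it are stored as plain data.
function addUser(PDO $pdo, string $username): void
{
    $stmt = $pdo->prepare('INSERT INTO users (username) VALUES (:username)');
    $stmt->execute(array(':username' => $username));
}

function userExists(PDO $pdo, string $username): bool
{
    $stmt = $pdo->prepare('SELECT COUNT(*) FROM users WHERE username = :username');
    $stmt->execute(array(':username' => $username));
    return (int) $stmt->fetchColumn() === 1;
}

$pdo = new PDO('sqlite::memory:'); // in-memory database, nothing touches disk
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE)');

// Constructed inputs: legitimate names the filter damages, a name with a
// quote the filter ignores, and an upper-case keyword it does not match.
$samples = array("deleted_scenes", "dropbox_fan", "O'Brien", "SELECT");

foreach ($samples as $name) {
    addUser($pdo, $name);
    printf(
        "%-15s filter => %-10s stored intact: %s\n",
        $name,
        "'" . stripBadWords($name) . "'",
        userExists($pdo, $name) ? 'yes' : 'no'
    );
}
```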




Bill
1 year and 8 months ago
That's a fast way


U-Trade © All rights reserved 2006-2010 | A simple way to protect against code injection : U-Trade Tutorials