Would this function do the trick?
<?php
// validate.php - functions that validates form input
function validate_string($unsafe_string) {
// create array containing bad words
$badwords = array(";","--","select","drop","insert","xp_","delete");
$goodwords = array(":","---","choose","leave","add"," ","remove");
// check for occurences of $badwords
for($i=0; $i<7; $i++) {
$unsafe_string = str_replace("$badwords[$i]",
"$goodwords[$i]","$unsafe_string");
}
$unsafe_string = AddSlashes($unsafe_string);
$unsafe_string = trim($unsafe_string);
$safe_string = $unsafe_string;
Return $safe_string;
}
?>
Br,
Anders
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
- Re: [PHP] preventing sql injections Anders Thoresson
- Re: [PHP] preventing sql injections 1LT John W. Holmes
- Re: [PHP] preventing sql injections Wico de Leeuw
- Re: [PHP] preventing sql injections Anders Thoresson
- Re: [PHP] preventing sql injections 1LT John W. Holmes
- Re: [PHP] preventing sql injections Bogdan Stancescu
- RE: [PHP] preventing sql injectio... John W. Holmes
- Re: [PHP] preventing sql inje... Bogdan Stancescu