- 01
- 02
- 03
- 04
- 05
- 06
- 07
- 08
- 09
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
$r_fam = str_replace(',',"",$r_fam);
$r_fam = str_replace('$',"",$r_fam);
$r_fam = str_replace('\"',"",$r_fam);
$r_fam = str_replace('<',"",$r_fam);
$r_fam = str_replace('>',"",$r_fam);
$r_fam = str_replace('*',"",$r_fam);
$r_fam = str_replace('=',"",$r_fam);
$r_name = str_replace(',',"",$r_name);
$r_name = str_replace('$',"",$r_name);
$r_name = str_replace('\"',"",$r_name);
$r_name = str_replace('<',"",$r_name);
$r_name = str_replace('>',"",$r_name);
$r_name = str_replace('*',"",$r_name);
$r_name = str_replace('=',"",$r_name);
$sqlr="INSERT INTO users VALUES(NULL,'$r_login','$r_pass','0.00','0.00','0.00','$r_email','$r_name','$r_fam','$date','0.00')";
mysql_query($sqlr);
Защита в лоб.
register_globals = on
guest 17.08.2009 18:13 # 0
Автор явно не в курсе про то, что str_replace принимает массивы.
viktorious 18.08.2009 10:43 # 0
guest 17.08.2009 21:22 # 0
guest 18.08.2009 14:16 # 0
автору 12 лет.
zero-module 02.09.2009 18:06 # 0