1. PHP / Говнокод #6918

    /**
     * Keyword-blacklist filter applied to PHP request superglobals.
     * This is an excerpt: each `...` line marks code the listing leaves out.
     *
     * NOTE(review): a substring blacklist is not an SQL-injection defence.
     * Values should be bound with prepared statements (PDO / mysqli) where the
     * query is built. This filter also rewrites legitimate input that happens
     * to contain a listed substring (for example "=", "set" or "into").
     */
    class sqlinj
    {
    ...
    // Substrings searched for in every request value. tumsorgular() matches them
    // with str_replace(), which is case-sensitive and matches inside longer words.
    // NOTE(review): inside double quotes "\'" and "\-" are not escape sequences,
    // so those two entries are the two-character strings backslash+apostrophe and
    // backslash+hyphen rather than a bare ' or - (probably not what was intended).
    public $liste=array("=","\'","\"","*","\-","declare","char","set","cast","convert","drop","exec","meta","script","select","truncate","insert","delete","union","update","create","where","join","information_schema","table_schema","into");
    ...
    /**
     * Chooses which request superglobals to process, then rewrites their values in place.
     * Identifiers are Turkish; "tumsorgular" is roughly "all queries" and
     * "yapilacak" roughly "what to do" (translation, confirm with the author).
     *
     * @param string $yapilacak "post", "get", "request" or "aio" (all three).
     *                          Any other value leaves $this->islet as it was
     *                          before the call; its declaration and initial
     *                          value are not visible in this excerpt.
     */
    private function tumsorgular($yapilacak){ 
                // Map the mode keyword to the superglobal name suffixes used below.
                switch ($yapilacak){ 
                case "post": 
                $this->islet=array("POST"); 
                break; 
                case "get": 
                $this->islet=array("GET"); 
                break; 
                case "request": 
                $this->islet=array("REQUEST"); 
                break; 
                case "aio": 
                $this->islet=array("POST","GET","REQUEST"); 
                break; 
            }     
            foreach($this->islet as $islem){ 
            // eval() assembles a loop over $_POST / $_GET / $_REQUEST from the suffix in $islem.
            // Within the visible code $islem only takes the literals assigned in the switch above;
            // whether islet can be set elsewhere cannot be told from this excerpt.
            // The generated code wraps every occurrence of each $liste entry in backslashes
            // (select becomes \select\) and stores the result back into the superglobal,
            // so all code that runs afterwards sees the altered values.
            // NOTE(review): eval is unnecessary for picking one of three known arrays and makes
            // the quoting hard to audit. The eval string is not closed in the visible lines;
            // the remainder is elided by the listing.
            eval('foreach($_'.$islem.' as $ad=>$deger){ 
                $_'.$islem.'[$ad]=$deger; 
                foreach($this->liste as $bul){ 
                $_'.$islem.'[$ad]=str_replace($bul,"\\\".$bul."\\\",$_'.$islem.'[$ad]); 
                } 
            } 
    ...
    }

    Basic SQL Injection Protection (http://www.phpclasses.org/browse/file/35305.html)
    Cleanup harmful text from request parameters

    Взято с phpclasses.org.
    Новый тип говнокода — турецкий (описание: расходится по швам при первой носке).

    А чё, ... не попортим так хакнем ;D

    Запостил: AlexanderC, 10 Июня 2011
