// Strip HTML/PHP tags from $email, then delete a fixed list of characters and
// upper-case SQL keywords. str_replace() is case-sensitive and walks the list
// in order, applying each entry to the result of the previous one.
// NOTE(review): the entry "FROM”" carries a trailing typographic quote, so a
// bare FROM is not removed - confirm whether that is a typo.
// NOTE(review): a deny-list like this does not make the value safe to
// concatenate into SQL. Where the query is built (not visible here), bind the
// value as a prepared-statement parameter, and validate the address itself
// with filter_var($email, FILTER_VALIDATE_EMAIL).
$email = str_replace(
    array(
        "’", "(", ")", ";", ":", "<", "'",
        "UNION", "SELECT", "WHERE", "LIKE", "FROM”", "UPDATE", "INSERT",
        "ORDER", "GROUP", "ALTER", " OR ", " or ", "=",
    ),
    "",
    strip_tags($email)
);
// Delete a fixed list of characters and upper-case SQL keywords from $email1.
// str_replace() is case-sensitive and walks the list in order. Unlike $email,
// this value is not passed through strip_tags() first.
// NOTE(review): the entry "FROM”" carries a trailing typographic quote, so a
// bare FROM is not removed - confirm whether that is a typo.
// NOTE(review): removing characters and keywords is not an injection defence;
// the value should be bound as a prepared-statement parameter where the query
// is built (not visible here) and HTML-escaped where it is printed.
$email1 = str_replace(
    array(
        "’", "(", ")", ";", ":", "<", "'",
        "UNION", "SELECT", "WHERE", "LIKE", "FROM”", "UPDATE", "INSERT",
        "ORDER", "GROUP", "ALTER", " OR ", " or ", "=",
    ),
    "",
    $email1
);
// Delete a fixed list of characters and upper-case SQL keywords from
// $location. str_replace() is case-sensitive and walks the list in order, so
// legitimate text containing any entry (a colon, a bracket, an upper-case
// word such as ORDER) is silently altered as well.
// NOTE(review): the entry "FROM”" carries a trailing typographic quote, so a
// bare FROM is not removed - confirm whether that is a typo.
// NOTE(review): this deny-list does not make the value safe to concatenate
// into SQL; bind it as a prepared-statement parameter where the query is
// built (not visible here) and escape it with htmlspecialchars() on output.
$location = str_replace(
    array(
        "’", "(", ")", ";", ":", "<", "'",
        "UNION", "SELECT", "WHERE", "LIKE", "FROM”", "UPDATE", "INSERT",
        "ORDER", "GROUP", "ALTER", " OR ", " or ", "=",
    ),
    "",
    $location
);
// Delete a fixed list of characters and upper-case SQL keywords from
// $cinsiyet ("cinsiyet" is Turkish for "gender"). str_replace() is
// case-sensitive and walks the list in order.
// NOTE(review): the entry "FROM”" carries a trailing typographic quote, so a
// bare FROM is not removed - confirm whether that is a typo.
// NOTE(review): if this is a fixed-choice field, checking it against an
// allow-list of the accepted values (in_array with strict comparison) is the
// appropriate validation; either way the value should reach the database only
// as a bound prepared-statement parameter, which this deny-list cannot replace.
$cinsiyet = str_replace(
    array(
        "’", "(", ")", ";", ":", "<", "'",
        "UNION", "SELECT", "WHERE", "LIKE", "FROM”", "UPDATE", "INSERT",
        "ORDER", "GROUP", "ALTER", " OR ", " or ", "=",
    ),
    "",
    $cinsiyet
);
Большой проект. Часть переменных на турецком. Смесь из php с html. Файлы проекта сохранены в разных кодировках. Mysql конфиги иногда подключаются include'ом, иногда прямо в текущем файле.
guest 20.09.2011 10:55 # +2
Exarchik 21.09.2011 10:16 # 0
Vasiliy 20.09.2011 14:13 # +4
zorbis 20.09.2011 15:05 # +2
jQuery 20.09.2011 17:10 # +2
Vasiliy 21.09.2011 08:16 # 0
jQuery 21.09.2011 08:19 # +2
И таких способов еще как минимум два
3.14159265 20.09.2011 16:30 # +2
CKrestKrestGovno 20.09.2011 16:31 # 0
7ion 20.09.2011 17:53 # −5
jQuery 20.09.2011 19:05 # 0
TheHamstertamer 20.09.2011 19:44 # 0
НАНА НАНАНА
CPPGovno 20.09.2011 20:03 # +1
jokz 20.09.2011 20:33 # +5
"мы не будем проверять, является ли это строка валидным email, мы просто ВЫРЕЖЕМ ИЗ НЕЕ ВСЕ БЛЯ ЧТО МОЖЕТ НАМ ПОМЕШАТЬ"
CPPGovno 20.09.2011 20:47 # +2
ZX_Spectrum 20.09.2011 22:50 # +2
$email = str_replace("format c:", "", $email);
и много других "опасных" команд - а вдруг!
i-- 21.09.2011 15:39 # +1
str_replace("format c:", "defrag \C \H", $email);
Teddy_Brown 21.09.2011 12:30 # 0
QarezZ 01.10.2011 21:04 # 0
guest8 09.04.2019 11:32 # −999