Kieran-R Posted November 19, 2010 Share Posted November 19, 2010 Hello. Well while surfing, I found this function while "supposedly" secured all your $_GET and $_POST variables: function anti_inject($campo) { foreach($campo as $key => $val) { $val = mysql_real_escape_string($val); // store it back into the array $campo[$key] = $val; } return $campo; //Returns the the var clean } //the next two lines make sure all post and get vars are filtered through this function $_POST = anti_inject($_POST); $_GET = anti_inject($_GET); I was wondering if simply putting this in globals protects your game from these kind of attacks? Thanks Quote Link to comment Share on other sites More sharing options...
Equinox Posted November 19, 2010 Share Posted November 19, 2010 No. Simple as that ;D Quote Link to comment Share on other sites More sharing options...
Djkanna Posted November 19, 2010 Share Posted November 19, 2010 Oh noes it's back to haunt us again! Quote Link to comment Share on other sites More sharing options...
Jordan Palmer Posted November 20, 2010 Share Posted November 20, 2010 Would be so nice to say this work's however it don't. You've gotta go through all your files and secure the get/post individually Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.