Hi,
I wonder if someone could help me, Just moved to a new server running PHP5 and getting the "Deprecated: Function sql_regcase() is deprecated" error, I don't want to disable the messages in php.ini, I would prefer to get the coding right.
The error relates to the anti-injection function posted below:-
function anti_injection($sql)
{
// removes words that contain sql syntax
$s = array("`","~","!","@","#","$","%","^","&","*","(",")","+","=","[","]",";","<",">","http","//","www");
$sql = str_replace($s, "", $sql);
$sql = preg_replace(sql_regcase("/(from|truncate|expalin|select|insert|delete|where|update|empty|drop table|limit|show tables|#|\*|--|\\\\)/"),"",$sql);
$sql = trim($sql); // strip whitespace
$sql = strip_tags($sql); // strip HTML and PHP tags
$sql = addslashes($sql); // quote string with slashes
return $sql;
}
If anyone can help recode the snippet it would be greatly appreciated.
Thanks
Ian