Not sure what function should i use

[scuarplex]

Hi, im posting here because i'm not sure what function should i use or how to do it.

 

My idea is to search strings such as: ',",%27,SELECT,INSERT,script, and a few other dangerous inputs. If i find any of these in a string then i return true to do a few other things.

 

I'm aware of mysql_real_escape_string, but i don't want to just filter the input. I also been checking out functions such as strstr, but the needle takes only one string to find.

 

Are you guys aware of any functions that i can use to search a few words from one input string?

 

Otherwise i'll just use strstr with a while or something like that.

 

Thanks in advance. (Sorry if this topic don't belong here, i'm not sure.)

[.josh]

$bad_stuff = ("'",'"','%27','SELECT','INSERT','script');
$input = "input from user";

foreach ($bad_stuff as $bad) {
  if (stripos($input, $bad) !== 0) {
    // bad item found, do something
  }
}