scuarplex Posted May 25, 2011 Share Posted May 25, 2011 Hi, im posting here because i'm not sure what function should i use or how to do it. My idea is to search strings such as: ',",%27,SELECT,INSERT,script, and a few other dangerous inputs. If i find any of these in a string then i return true to do a few other things. I'm aware of mysql_real_escape_string, but i don't want to just filter the input. I also been checking out functions such as strstr, but the needle takes only one string to find. Are you guys aware of any functions that i can use to search a few words from one input string? Otherwise i'll just use strstr with a while or something like that. Thanks in advance. (Sorry if this topic don't belong here, i'm not sure.) Quote Link to comment https://forums.phpfreaks.com/topic/237390-not-sure-what-function-should-i-use/ Share on other sites More sharing options...
.josh Posted May 25, 2011 Share Posted May 25, 2011 $bad_stuff = ("'",'"','%27','SELECT','INSERT','script'); $input = "input from user"; foreach ($bad_stuff as $bad) { if (stripos($input, $bad) !== 0) { // bad item found, do something } } Quote Link to comment https://forums.phpfreaks.com/topic/237390-not-sure-what-function-should-i-use/#findComment-1220018 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.