Jump to content

Thy Gamer

New Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

Thy Gamer's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Thy Gamer
    [code]<?php function SafeGurad($tempinput) { $tempinput = str_replace("%20","",$tempinput); $tempinput = addslashes($tempinput); $tempinput = str_replace("javascript","No_Java_Script_Allowed!",$tempinput); $tempinput = str_replace("</script>","No_Script_Allowed!",$tempinput); $tempinput = str_replace("<script>","No_Script_Allowed!",$tempinput); $tempinput = str_replace("SELECT * FROM","No_SQL_Script_Aloud!",$tempinput); $tempinput = str_replace("<","&lt",$tempinput); $tempinput = str_replace(">","&gt",$tempinput); //return $tempinput; return($tempinput); //Not sure what one to use but they aint working //Echo $tempinput; } $tempinput = " /<>/<r>/<R>/\/\/\/\/\<B><R><R> LOL PANTS javascript SELECT * FROM"; SafeGurad($tempinput); php?> [/code] It does not filter threw like it should, any idea why?
  2. Thy Gamer
    [!--quoteo(post=359831:date=Mar 29 2006, 04:53 PM:name=Cojawfee)--][div class=\'quotetop\']QUOTE(Cojawfee @ Mar 29 2006, 04:53 PM) [snapback]359831[/snapback][/div][div class=\'quotemain\'][!--quotec--] If you really hate strip_tags(), you could replace < and > with &lt's and &gt's. This stops any scripts from running, and any markup from rendering, but doesn't change the appearance. [/quote] So something like this? [code]$tempinput = str_replace("<","&lt","$tempinput"); $tempinput = str_replace(">","&gt","$tempinput");[/code]
  3. Thy Gamer
    Is there any way I can strip html with out useing, strip_tags($tempinput) ??? It messes up my code for some odd reason, [code]<?php $tempinput = "LOL PANTS javascript SELECT * FROM"; SafeGurad($tempinput); function SafeGurad($tempinput) { $tempinput = strip_tags($tempinput) $tempinput = str_replace("%20","","$tempinput"); $tempinput = addslashes("$tempinput"); $tempinput = str_replace("javascript","No_Java_Script_Aloud!","$tempinput"); $tempinput = str_replace("</script>","No_Script_Aloud!","$tempinput"); $tempinput = str_replace("<script>","No_Script_Aloud!","$tempinput"); $tempinput = str_replace("SELECT * FROM","No_SQL_Script_Aloud!","$tempinput"); return $tempinput; } Echo $lol; php?> [/code]
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.