Diffstat (limited to 'www-ssl/inc/secure.php')
-rwxr-xr-xwww-ssl/inc/secure.php32
1 files changed, 32 insertions, 0 deletions
diff --git a/www-ssl/inc/secure.php b/www-ssl/inc/secure.php
new file mode 100755
index 00000000..786c18a6
--- /dev/null
+++ b/www-ssl/inc/secure.php
@@ -0,0 +1,32 @@
+<?php
+//soll dein funktion entahlten die alle übergebenen parameter überprüft
+//'`'"
+
+foreach ($_GET as $k => $v)
+{
+ $v = htmlspecialchars($v);
+ $v = mysql_escape_string($v);
+// $v = htmlentities($v);
+ if (preg_match('/([\"`])/', $v, $match))
+ {
+ print "sorry get has illegal char '$match[1]'";
+ exit;
+ }
+ $_GET[$k] = $v;
+ echo "GET $k=\"$v\"<br>";
+}
+
+foreach ($_POST as $k => $v)
+{
+ $v = htmlspecialchars($v);
+ $v = mysql_escape_string($v);
+// $v = htmlentities($v);
+ if (preg_match('/([\'"`\'])/', $v, $match)) {
+ print "sorry post has illegal char '$match[1]'";
+ exit;
+ }
+ $_POST[$k] = $v;
+ echo "POST $k=\"$v\"<br>";
+}
+
+?>
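Review bot: The debug lines `echo "GET $k=\"$v\"<br>";` and `echo "POST $k=\"$v\"<br>";` print the parameter name `$k` with no escaping and write every submitted value, POST fields included, into the response, so they are both an HTML-injection sink and an information leak. They should be removed, or at least changed to `htmlspecialchars($k, ENT_QUOTES)` and gated behind a debug switch. The illegal-character test runs after `htmlspecialchars()` has already turned `"` into `&quot;`, so the `"` in both patterns can never match, and the GET pattern does not list `'` while the POST one does. Running `preg_match` on the raw value first and using one shared pattern would make the check do what the message says. Writing HTML- and SQL-escaped strings back into `$_GET`/`$_POST` also mixes two output contexts, `mysql_escape_string()` ignores the connection charset, and array parameters such as `name[]` are not handled; escaping at the sink (prepared statements for SQL, `htmlspecialchars` on output) would be more reliable.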