From 310c2ce98fc8c0e94559c9ed8587101d92f6e853 Mon Sep 17 00:00:00 2001
From: cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8>
Date: Sat, 10 Sep 2005 17:25:43 +0000
Subject: add total system

git-svn-id: svn://svn.cccv.de/engel-system@1 29ba0400-6e00-0410-a75a-ca02368028f8
---
 inc/secure.php | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100755 inc/secure.php

(limited to 'inc/secure.php')

diff --git a/inc/secure.php b/inc/secure.php
new file mode 100755
index 00000000..99d646d2
--- /dev/null
+++ b/inc/secure.php
@@ -0,0 +1,37 @@
+<?php
+//soll dein funktion entahlten die alle übergebenen parameter überprüft
+//'`'" 
+  
+foreach ($_GET as $k => $v) 
+{	
+  	$v = htmlspecialchars($v);
+//echo "$v<br>";
+	$v = mysql_escape_string($v);
+//echo "$v<br>";
+//	$v = htmlentities($v);
+//echo "$v<br>";
+//    if (preg_match('/([\'"`\'])/', $v, $match)) 
+	if (preg_match('/([\"`])/', $v, $match)) 
+	{
+		print "sorry get has illegal char '$match[1]'";
+		exit;
+	}
+	$$k = $v;
+}
+  
+foreach ($_POST as $k => $v) 
+{
+  	$v = htmlspecialchars($v);
+//echo "$v<br>";
+	$v = mysql_escape_string($v);
+//echo "$v<br>";
+//	$v = htmlentities($v);
+//echo "$v<br>";
+	if (preg_match('/([\'"`\'])/', $v, $match)) {
+		print "sorry post has illegal char '$match[1]'";
+		exit;
+	}
+	$$k = $v;
+}
+
+?>
-- 
cgit v1.2.3-70-g09d2