PHP XSS SQLi protection


SUBMITTED BY: Guest

DATE: Nov. 15, 2013, 4:19 p.m.

FORMAT: PHP

SIZE: 356 Bytes

HITS: 850

  1. <?php
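  /**
   * Escape a request value for a quoted MySQL string literal, then HTML-encode it.
   *
   * NOTE(review): this helper serves two output contexts with one value, and
   * fits neither exactly. The HTML-encoded form is what ends up in the query
   * (so entities get stored), and the SQL-escaped form is what ends up in a
   * page if the result is echoed (so backslashes show up). The robust pattern
   * is a prepared statement with bound parameters (PDO or mysqli) for the
   * query, and htmlspecialchars()/htmlentities() applied only when rendering.
   *
   * Caveats for callers:
   *  - The result is only meaningful between quotes in a SQL string literal.
   *    It gives no protection in unquoted numeric, identifier or
   *    ORDER BY / LIMIT positions.
   *  - mysql_real_escape_string() needs an open ext/mysql connection and
   *    escapes according to that connection's character set. The extension
   *    was removed in PHP 7.0, so this function only runs on legacy runtimes
   *    or behind a compatibility shim.
   *
   * @param string $dirty Raw, untrusted value (e.g. from $_GET).
   * @return string Escaped and entity-encoded value.
   */
  function xsssql($dirty)
  {
      // get_magic_quotes_gpc() was removed in PHP 8.0; guard the call so the
      // check cannot itself be the fatal error. When magic quotes are active
      // the input already carries added slashes, which must be undone first
      // to avoid double escaping.
      if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
          $dirty = stripslashes($dirty);
      }

      $escaped = mysql_real_escape_string($dirty);

      // Explicit flags and charset: the historical default (ENT_COMPAT) leaves
      // single quotes unencoded, which matters inside single-quoted HTML
      // attributes, and the default charset varied between PHP releases.
      return htmlentities($escaped, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
  }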
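  // How to use:
  // Read the parameter defensively: it can be missing, and PHP turns
  // ?user[]=x into an array, which the string functions in xsssql() do not
  // accept. Anything that is not a string is treated as empty.
  $user = (isset($_GET['user']) && is_string($_GET['user'])) ? $_GET['user'] : '';

  // NOTE(review): the query is still assembled by string concatenation, so its
  // safety depends entirely on the escaping being correct for this exact
  // quoted position and connection charset. Where a PDO or mysqli handle is
  // available, prefer a prepared statement with a bound parameter, e.g.
  // "SELECT * FROM users WHERE user = ?".
  $query = "SELECT * FROM users WHERE user='" . xsssql($user) . "'";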
  13. ?>
