[Release] [PHP] Anti SQL Injection Script

KR373N

Well-Known Member
Joined
May 18, 2008
Messages
1,944
Reaction score
445
PHP:
 Anti SQL Injection Script: 

[CODE][COLOR="SandyBrown"]// Anti-SQL Injection[/COLOR]
function check_inject()
  {
    $badchars = array(";", "'", "\"", "*", "DROP", "SELECT", "UPDATE", "DELETE", "-");
  
    foreach($_POST as $value)
    {
      if(in_array($value, $badchars))
      {
        die("SQL Injection Detected\n<br />\nIP: ".$_SERVER['REMOTE_ADDR']);
      **
      else
      {
        $check = preg_split("//", $value, -1, PREG_SPLIT_OFFSET_CAPTURE);
        foreach($check as $char)
        {
          if(in_array($char, $badchars))
          {
            die("SQL Injection Detected\n<br />\nIP: ".$_SERVER['REMOTE_ADDR']);
          **
        **
      **
    **
  **  [/CODE]
 
Last edited:

diko

New Member
Joined
Feb 3, 2009
Messages
117
Reaction score
9
Каде се добавя този код в Индекса ли ?
 

diablo21

Banned
Joined
Sep 9, 2008
Messages
1,052
Reaction score
475
не само на индекс на почти всички файлове или интеграция трябва да има ще обеснят по подробно
 

newguy

Well-Known Member
Joined
Nov 23, 2008
Messages
644
Reaction score
571
Попринцип кода трябва да се слага в Index-а и защитава $_POST заявките но е много лошо написан. Има някакви ** които нямам си на идея за какво ги използват. Ако го копирате буквално ще ви даде грешка.

Скоро ще направя и аз подобен скрипт.
 

sNG

New Member
Joined
Sep 11, 2008
Messages
2,647
Reaction score
690
Това е най-добрата защита според мен. Забранява ти всякакъв вид излишни клавиши , като "-" , """ , "," и всякакви такива видове.
 

Backo

New Member
Joined
Jan 17, 2009
Messages
1,212
Reaction score
975
Според мен трябва да е така:

Code:
[COLOR="SandyBrown"]// Anti-SQL Injection[/COLOR]
function check_inject()
  {
    $badchars = array(";", "'", "\"", "*", "DROP", "SELECT", "UPDATE", "DELETE", "-");
  
    foreach($_POST as $value)
    {
      if(in_array($value, $badchars))
      {
        die("SQL Injection Detected\n<br />\nIP: ".$_SERVER['REMOTE_ADDR']);
      }
      else
      {
        $check = preg_split("//", $value, -1, PREG_SPLIT_OFFSET_CAPTURE);
        foreach($check as $char)
        {
          if(in_array($char, $badchars))
          {
            die("SQL Injection Detected\n<br />\nIP: ".$_SERVER['REMOTE_ADDR']);
          }
        }
      }
    }
  }

Както каза newguy се слага и в индекс.пчп или може да се направи и отделен пчп файл който да се казва да речем "sqlinject.php" и да се include("sqlinject.php"); в индекс.пчп
 

ludaka

New Member
Joined
Dec 10, 2008
Messages
387
Reaction score
112
Сложете и "shutdown" :d макар че то има ; и го забранява :)
 
Thread starter Similar threads Forum Replies Date
pich [Release] Php Effective Anti Injection Script Releases 11
D [Release] Sell Resources Script - All PHP versions and MuOnline Seasons Releases 4
Angerfist [Release] PHP Inventory View Releases 3
f0und [Release] Xtyling web Online php module Releases 2
ivowe3 [Release] Stone & Rena Deposit and Rankings PHP code Releases 28
G [Release] GoblessMu Web + install.php file Releases 14
crazyboy [Release] PHP Mu Signature Releases 11
KR373N [Release] MuOnline PHP Server Loader Releases 16
Damian [Release] {PHP} Inventory Editor Releases 69
Bupyc™ [Release] PHP Castle Siege Web Information Releases 2
suh1q [Release] Phpbb2 Mu Template & MuWeb Template Releases 5
Mephisto [Release] [PHP] Show Stats Over 32767 Releases 30
Mephisto [Release] [PHP] Inventory View Releases 46
L [Release] MuWeb Ban IP PHP 0.2 Releases 0
ludaka [Release] Secure In PHP Releases 11
Lesh0 [Release] PHP Castle Siege Web Information Releases 0
DarkMaster [Release] Most Users Online PHP Script Releases 14
ReaL [Release] PhpBB3 MuOnline Template Releases 31
KR373N [Release] GameMaster On/off php script Releases 9
DarkMaster [Release] MuWeb Ban IP PHP 0.2 Releases 12
noLove [Release] Antihack GameGuard (DLL) Releases 2
noLove [Release] SlineMU Antihack and Website premium Releases 17
DemonuMu [Release] MHP AntiHack MU Full Source Releases 3
DemonuMu [Release] H-Guard Anti-hack System Releases 11
S [Release] Play AntiCheat Releases 0
DemonuMu [Release] MuEMU Anti-Cheat Source Releases 0
DemonuMu [Release] Anti DDoS Guardian 3.4 Cracked Releases 0
DemonuMu [Release] Main 99b + Anti-Hack For Free Releases 15
L [Release] ExTeam Season 4 Ep 6 FULL + Stable AntiCheat, DDos, Customs, New Item Releases 9
D [Release] MuEMU Antihack + Video Guide 97D Releases 9
L [Release] ConnectServer + Anti Syn Flood + Port Change Option Releases 2
L [Release] ZyGuard Antihack Full Releases 8
DemonuMu [Release] MuEMU Anti-Hack For Free Releases 24
DemonuMu [Release] Main 97d+99i Free Anti-Hack Releases 106
DemonuMu [Release] MuOnline Anti-DDoS 2013 Releases 5
D [Release] Anti Hack Server & Client Side (Source Code) Releases 2
D [Release] Codex Anticheat v3 modified Releases 3
L [Release] ZyGuard Free Full MuOnline Antihack Releases 11
L [Release] NSEngine Anti-Cheat Releases 4
Deadman [Release] Anti ddos Guardian Plus Releases 20
P [Release] MuGuard Anti Flood Releases 1
Angerfist [Release] Main 99b + AntiHack Releases 6
ludaka [Release] Anti shadow bug Releases 2
D [Release] Pinkof Anticheat 3.0.3 Releases 12
hrisiz [Release] AntiDupe Script Update Releases 1
1 [Release] CheatShield Mu Online Antihack [Server & Client ] Releases 3
Angerfist [Release] Source Code - Dll Hide Main - Write Mem Serial - Anti SendPacket Releases 1
Angerfist [Release] LockSystem - Anti DoS Releases 0
Angerfist [Release] Cheats DB for any Dll Antihack Releases 3
tomas08 [Release] OMEGA Repack - Titan Tech 11.00.35 + Patch 1.04c + Antihack + AutoBackup Releases 3

Similar threads