Sanitise $_SERVER globals - PHP Snipplr Social Repository

Revision: 6550

at May 29, 2008 17:43 by romanos

Initial Code

// Clean URL Function, prevents entities in server globals
function cleanurl($url) {
	$bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")", "*");
	$safe_entities = array("&amp;", "", "", "", "", "", "", "", "", "");
	$url = str_replace($bad_entities, $safe_entities, $url);
	return $url;
}

// Sanitise $_SERVER globals
$_SERVER['PHP_SELF'] = cleanurl($_SERVER['PHP_SELF']);
$_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) ? cleanurl($_SERVER['QUERY_STRING']) : "";
$_SERVER['REQUEST_URI'] = isset($_SERVER['REQUEST_URI']) ? cleanurl($_SERVER['REQUEST_URI']) : "";
$PHP_SELF = cleanurl($_SERVER['PHP_SELF']);

Initial URL

http://www.php-fusion.co.uk

Initial Description

This code from pfp fusion engine.

Put it above your code in the php-script.

Initial Title

Sanitise $_SERVER globals

Initial Tags

Initial Language

PHP

Choose a language for easy browsing: