Sanitise $_SERVER globals


Published in: PHP

This code is from the PHP-Fusion engine.

Put it above your own code in the PHP script.


    // Clean URL Function, prevents entities in server globals
    function cleanurl($url) {
        // str_replace() applies the pairs in order: "&" becomes "&amp;",
        // every other listed character is removed.
        $bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")", "*");
        $safe_entities = array("&amp;", "", "", "", "", "", "", "", "", "");
        $url = str_replace($bad_entities, $safe_entities, $url);
        return $url;
    }

    // Sanitise $_SERVER globals
    $_SERVER['PHP_SELF'] = cleanurl($_SERVER['PHP_SELF']);
    $_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) ? cleanurl($_SERVER['QUERY_STRING']) : "";
    $_SERVER['REQUEST_URI'] = isset($_SERVER['REQUEST_URI']) ? cleanurl($_SERVER['REQUEST_URI']) : "";
    // PHP_SELF was already cleaned above; cleaning it a second time would turn "&amp;" into "&amp;amp;"
    $PHP_SELF = $_SERVER['PHP_SELF'];

URL: http://www.php-fusion.co.uk
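
The following is an added example, not part of the original snippet or of PHP-Fusion. It runs cleanurl() on two constructed request values to show what the character list removes, and compares it with encoding the untouched value at the point of output. The attr() helper and all sample values are assumptions made for the illustration.

```php
<?php
// Added example, not PHP-Fusion code. All request values below are constructed.

// Copy of the snippet's function so this file runs on its own.
function cleanurl($url) {
    $bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")", "*");
    $safe_entities = array("&amp;", "", "", "", "", "", "", "", "", "");
    return str_replace($bad_entities, $safe_entities, $url);
}

// Hypothetical helper: encode a value for an HTML attribute when it is printed,
// leaving the stored value unchanged.
function attr($value) {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed samples: a path that carries markup, and an ordinary query string
// containing characters that are on the removal list.
$php_self = '/index.php/"><b>x</b>';
$query    = 'q=f(x)*2&page=2';

// 1. Both approaches stop the markup from closing the attribute early.
//    cleanurl() deletes the characters; attr() keeps them in encoded form.
echo '<form action="' . cleanurl($php_self) . '">', "\n";
echo '<form action="' . attr($php_self) . '">', "\n";

// 2. Overwriting the global changes the data itself. Code that later re-parses
//    $_SERVER['QUERY_STRING'] sees different parameters ($_GET is filled before
//    the script starts, so it is not affected).
parse_str($query, $raw);
parse_str(cleanurl($query), $cleaned);

echo "raw:     ", var_export($raw, true), "\n";
echo "cleaned: ", var_export($cleaned, true), "\n";

// The "&" separator was rewritten to "&amp;", so the second key is no longer "page",
// and the parentheses and asterisk are gone from the value of "q".
var_dump(isset($raw['page']), isset($cleaned['page']));
var_dump($raw['q'] === $cleaned['q']);
```

Run it with the PHP command-line interpreter. Encoding at output keeps the original request data available to the application, while rewriting the globals is lossy for any later consumer of those values.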
