GoFuckYourself.com - Adult Webmaster Forum - View Single Post

roly · 09-20-2010, 01:19 PM

hi

i've got some old mainstream sites that were getting hacked with sql injection (only turkish script kiddies), as a temporary measure i removed some functionality of the site to prevent it happening again.

i want to get the sites working properly again. i found this code snippet while i was searching for a solution, is this all i need to prevent an sql injection attack using post or get happening again?

Code:

  //This stops SQL Injection in POST vars 
  foreach ($_POST as $key => $value) { 
    $_POST[$key] = mysql_real_escape_string($value); 
  } 

  //This stops SQL Injection in GET vars 
  foreach ($_GET as $key => $value) { 
    $_GET[$key] = mysql_real_escape_string($value); 
  }

as you can tell i'm not a coder so any advice appreciated.

thanks in advance

09-20-2010, 01:19 PM
roly Confirmed User Join Date: Aug 2002 Posts: 1,844	sql injection prevention advice hi i've got some old mainstream sites that were getting hacked with sql injection (only turkish script kiddies), as a temporary measure i removed some functionality of the site to prevent it happening again. i want to get the sites working properly again. i found this code snippet while i was searching for a solution, is this all i need to prevent an sql injection attack using post or get happening again? Code: //This stops SQL Injection in POST vars foreach ($_POST as $key => $value) { $_POST[$key] = mysql_real_escape_string($value); } //This stops SQL Injection in GET vars foreach ($_GET as $key => $value) { $_GET[$key] = mysql_real_escape_string($value); } as you can tell i'm not a coder so any advice appreciated. thanks in advance Last edited by roly; 09-20-2010 at 01:22 PM..