Home page logo
/

basics logo Security Basics mailing list archives

PHP filter function against SQL injections
From: "Kellox" <kellox () mymail ch>
Date: Wed, 7 Feb 2007 17:54:52 +0100

hi everyone!

i was just wondering if this filter function written in php is safe against
sql injections:

function filter($string) {
  $replace = "";
  $search = array(">", "<", "|", ";");
  $result = mysql_escape_string( str_replace($search, $replace, $string));
  return $result;
}

or could anyone imagine an sql injection attack which bypasses this filter
function?
___________________________________________________________________________
mymail - der unschlagbare und kostenlose E-Mail-Dienst der Schweiz!
http://mymail.ch/?redirect=9999
Kaspersky Anti Virus 6.0 - So schützen Sie Ihren PC zuverlässig!
http://ad.zanox.com/ppc/?4997698C625979254T


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]