The Database in My Head
[PHP] SQL Injection
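// Escape the input for MySQL, then strip SQL keywords and metacharacters (case-insensitive).
// mysql_real_escape_string() and eregi_replace() were removed in PHP 7.0, so this uses
// mysqli_real_escape_string() and preg_replace() with the /i flag instead.
// $link is assumed to be an open mysqli connection.
function SQL_Injection($link, $get_Str) {
    $query_str = mysqli_real_escape_string($link, $get_Str);
    return preg_replace('/(undefined| select | or| and| from| where| union| insert| update| delete| drop|"|\'|#|\/\*|\*\/|\\\\|;)/i', "", $query_str);
}
$username = SQL_Injection($link, $_POST["id"]);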
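A keyword-stripping filter like the one above rewrites legitimate values, while a bound parameter keeps the value intact and out of the SQL text. The following is an added example, not code from the original post: the `users` table, its columns, the helper names `strip_keywords` and `find_user`, and the sample data are all constructed, and it assumes the `pdo_sqlite` extension so it can run against an in-memory database.

```php
<?php
// Added example, not the blog's code. Table, columns and helper names are hypothetical.
// Constructed sample data lives in an in-memory SQLite database (needs pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id TEXT PRIMARY KEY, email TEXT)');

// The page's keyword pattern, ported to preg_replace (regex step only, no DB escaping).
function strip_keywords(string $s): string {
    return preg_replace(
        '/(undefined| select | or| and| from| where| union| insert| update| delete| drop|"|\'|#|\/\*|\*\/|\\\\|;)/i',
        '',
        $s
    );
}

// Look up a user with a bound parameter: the value is sent as data,
// never concatenated into the SQL statement.
function find_user(PDO $pdo, string $id): ?array {
    $stmt = $pdo->prepare('SELECT id, email FROM users WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Store a constructed account whose id contains a quote and the word "and".
$insert = $pdo->prepare('INSERT INTO users (id, email) VALUES (:id, :email)');
$insert->execute([':id' => "O'Brien and Sons", ':email' => 'office@example.test']);

$input = "O'Brien and Sons"; // constructed stand-in for $_POST["id"]

// The filter silently alters the value, so the lookup no longer finds the account.
var_dump(strip_keywords($input));
var_dump(find_user($pdo, strip_keywords($input)));

// The bound parameter matches the stored string exactly, quote included.
var_dump(find_user($pdo, $input));
```

The same `prepare`/`execute` pattern applies to MySQL through PDO or mysqli; only the connection string changes.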