Protect Globals
Posted by Pete | Posted in PHP Functions | Posted on 30-11-2009-05-2008
0
This tutorial is an advancement to the first tutorial (here). This tutorial is able to run every time the page loads and removes any tags and helps stop injection into globals such as $_COOKIE, $_SERVER etc.
So first we must create the function so here it is
function protection() // start function { $vars = array('$_GET', '$_POST', '$_FILES', '$_SERVER', '$_SESSION', '$_COOKIE'); // Each global array to sort. foreach($vars as $var){ // Go through the array if(is_array($var)){ // Check if global is set so forms an array or not. foreach ($var as $key => $value) { // Carry out the foreach on the arrays assigning the key and value of the arrays to $key and $value. $key = strip_tags($key); // Remove any tags from the key $value = strip_tags($value); // Remove any tags from the value $var[$key] = htmlentities($value, ENT_QUOTES); // Convert all applicable characters to HTML entities } } } return true; // Return true to show it has run. }
Now to run it you simply put
protection();
and run it on every page as simple as that. 
Thanks for reading and if you have any comments or tutorials then please leave a comment
