session_start();
ini_set('display_errors','0');
error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED );
function RemoveSql($str){
$str = str_replace(";",";",$str);
$str = str_replace("'","'",$str);
$str = str_replace("*","*",$str);
$str = str_replace("%","%",$str);
$str = str_replace("\"",""",$str);
$str = str_replace("--","--",$str);
return $str;
}
foreach ($_REQUEST as $key => $value) {
//echo($key." = ".intval($value)."
");
if (!is_numeric($value)) {
$_REQUEST[$key]=RemoveSql($value);
}
}
foreach ($_POST as $key => $value) {
//echo($key." = ".intval($value)."
");
if (!is_numeric($value)) {
$_POST[$key]=RemoveSql($value);
}
}
foreach ($_GET as $key => $value) {
//echo($key." = ".intval($value)."
");
if (!is_numeric($value)) {
$_GET[$key]=RemoveSql($value);
}
}
if (session_is_registered("sLang")) session_unregister("sLang");
if (session_is_registered("sIdApp")) session_unregister("sIdApp");
?>
|