is this code safe to use? what does it do?

**SZero** · 12-25-2009 11:15 PM

Hi everyone,

I found this code on a website, it's supposed to protect my website from hacking attempts specially phpBB forums, is it safe to use or is it just a prank? wut does it do anyway?

PHP Code:


 <?

foreach($_GET as $a) {

if(preg_match("/((http:\/\/|https:\/\/|ftp:\/\/).+)/i",$a)){

die("Hacking attempt");

}

}

foreach($_REQUEST as $a) {

if(preg_match("/((http:\/\/|https:\/\/|ftp:\/\/).+)/i",$a)){

die("Hacking attempt");

}

}

foreach($_COOKIE as $a) {

if(preg_match("/((http:\/\/|https:\/\/|ftp:\/\/).+)/i",$a)){

die("Hacking attempt");

}

}

?>

TY..

**felgall** · 12-26-2009 12:07 AM

The first foreach checks the $_GET array to see if any entries contain any http:// https:// or ftp:// references in the data

The second repeats the test but includes the $_POST and $cookie arrays along with $_GET

The third repeats the test again for the $_COOKIE array.

So the second foreach already included the checks that the first and third perform and so the first and third foreach are unnecessary.

Testing the array contents for references to those three strings will prevent some forms of hacking but will have no effect on others.

Thread: is this code safe to use? what does it do?

Thread Tools

Display

is this code safe to use? what does it do?

Thread Information

Users Browsing this Thread

Bookmarks

Bookmarks

Posting Permissions