www.webdeveloper.com
Results 1 to 2 of 2

Thread: is this code safe to use? what does it do?

  1. #1
    Join Date
    Aug 2006
    Posts
    149

    is this code safe to use? what does it do?

    Hi everyone,

    I found this code on a website, it's supposed to protect my website from hacking attempts specially phpBB forums, is it safe to use or is it just a prank? wut does it do anyway?

    PHP Code:
     <?
    foreach($_GET as $a) {
    if(
    preg_match("/((http:\/\/|https:\/\/|ftp:\/\/).+)/i",$a)){
    die(
    "Hacking attempt");
    }
    }
    foreach(
    $_REQUEST as $a) {
    if(
    preg_match("/((http:\/\/|https:\/\/|ftp:\/\/).+)/i",$a)){
    die(
    "Hacking attempt");
    }
    }
    foreach(
    $_COOKIE as $a) {
    if(
    preg_match("/((http:\/\/|https:\/\/|ftp:\/\/).+)/i",$a)){
    die(
    "Hacking attempt");
    }
    }
    ?>
    TY..

  2. #2
    Join Date
    Mar 2005
    Location
    Sydney, Australia
    Posts
    7,974
    The first foreach checks the $_GET array to see if any entries contain any http:// https:// or ftp:// references in the data

    The second repeats the test but includes the $_POST and $cookie arrays along with $_GET

    The third repeats the test again for the $_COOKIE array.

    So the second foreach already included the checks that the first and third perform and so the first and third foreach are unnecessary.

    Testing the array contents for references to those three strings will prevent some forms of hacking but will have no effect on others.
    Stephen

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles