Filter all user input to reduce the security impact of manipulated data

2006-06-17 06:10:10 +00:00
parent 02c5682c01
commit f982c8459e
53 changed files with 988 additions and 542 deletions
--- a/search.php
+++ b/search.php
@@ -10,8 +10,11 @@ include("path.php");
 require(BASE."include/incl.php");
 require(BASE."include/application.php");

+$aClean = array(); //array of filtered user input
+
+$aClean['q'] = makeSafe($_REQUEST['q']);

 apidb_header("Search Results");
-perform_search_and_output_results($_REQUEST['q']);
+perform_search_and_output_results($aClean['q']);
 apidb_footer();
 ?>