fantomas: Sicherheit von GET


  
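error_reporting(0); // the client sees nothing about failures; anything worth keeping goes to error_log() below

// Exactly the three expected parameters, each a plain string (a `v[]=` array would make trim() throw).
// Any other request shape ends the script.
if (
    count($_GET) !== 3
    || !isset($_GET['v'], $_GET['s'], $_GET['h'])
    || !is_string($_GET['v']) || !is_string($_GET['s']) || !is_string($_GET['h'])
) {
    exit;
}

/**
 * Remove global variables whose names collide with keys of the named superglobals
 * (a register_globals-era precaution against request data shadowing script variables).
 *
 * The superglobals themselves are left intact; only the colliding plain globals go.
 *
 * @param string ...$names Superglobal names such as '_POST' or '_COOKIE'.
 */
function unr_gl(string ...$names): void
{
    foreach ($names as $name) {
        // unset() on a missing key is a no-op, so no isset() guard is needed.
        foreach (array_keys($GLOBALS[$name] ?? []) as $key) {
            unset($GLOBALS[$key]);
        }
    }
}

unr_gl('_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');

/**
 * Run the status update for one row.
 *
 * $get_v is spliced into the identifier position of the statement, so the CALLER
 * must have checked it against the fixed column allow-list first. $get_s and
 * $get_h travel as bound parameters and never become part of the SQL text, which
 * replaces the string-built query of the original.
 *
 * @param string $get_v column name, already allow-listed ('A'..'H')
 * @param string $get_s single-character status value to store
 * @param string $get_h row selector, lowercased before comparison (as in the original)
 * @param PDO    $db    open connection; expected to run with ERRMODE_EXCEPTION
 *
 * @throws PDOException when prepare() or execute() fails
 */
function remote_status(string $get_v, string $get_s, string $get_h, PDO $db): void
{
    $get_h = strtolower($get_h);

    // Column A is treated as an accumulator (A = A + value); every other column is overwritten.
    $sql = $get_v === 'A'
        ? "update table set {$get_v} = {$get_v} + :s where col = :h"
        : "update table set {$get_v} = :s where col = :h";

    $stmt = $db->prepare($sql);
    $stmt->execute([':s' => $get_s, ':h' => $get_h]);
}

$get_v = trim($_GET['v']);
$get_s = trim($_GET['s']);
$get_h = trim($_GET['h']);

// $get_v ends up in the SQL text as a column name, so only these exact values may pass (strict compare).
if (!in_array($get_v, ['A', 'B', 'C', 'D', 'E', 'F', 'G', 'H'], true)) {
    exit;
}
// $get_s must be exactly one of the four status letters (the original's strlen()==1 plus w|x|y|z check).
if (preg_match('/^[wxyz]$/', $get_s) !== 1) {
    exit;
}
// NOTE(review): $get_h has no format check beyond trim(). It is parameter-bound, so the SQL text is
// unaffected, but a length/character allow-list matching the real `col` values would be worth adding
// once that format is known.

try {
    // NOTE(review): connection details are the placeholders from the original; add the schema's
    // charset to the DSN so the driver and table agree on encoding.
    $db = new PDO('mysql:host=localhost;dbname=database', 'user', 'passwd', [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepares, not client-side interpolation
    ]);
    remote_status($get_v, $get_s, $get_h, $db);
} catch (PDOException $e) {
    // Keep the detail server-side only; the original swallowed DB errors silently, this at least logs them.
    error_log('remote_status failed: ' . $e->getMessage());
    exit;
}

// Dropping the handle closes the connection (the original's mysql_close()); $_GET['v'] is cleared as before.
unset($_GET['v'], $db);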