On Mon, 2006-05-29 at 15:48, Jochem Maas wrote: > Steven Osborn wrote: > > Can someone please advise a faster solution to do what I'm > > doing below? All I need to be able to do is determine if any of the > > strings in the array are contained in $q. The method I have works, but > > I'm sure its not the most efficient way to do it. > > > > $dirtyWord = array("UNION","LOAD_FILE","LOAD DATA INFILE","LOAD > > FILE","BENCHMARK","INTO OUTFILE"); > > foreach($dirtyWord as $injection) > > { > > I don't see a way to avoid the foreach loop, but... I saw a post one day by Richard Lynch using the following interesting approach: <?php if( ereg( implode( '|', $dirtyWord ), $q ) ) { //Do Something to remove injection and log it } ?> This may ultimately be faster because it makes fewer function calls thus bypassing function call overhead incurred for each word. And it's probably even faster with PCRE. Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php