On Mon, 2006-05-29 at 15:48, Jochem Maas wrote:
> Steven Osborn wrote:
> > Can someone please advise a faster solution to do what I'm
> > doing below? All I need to be able to do is determine if any of the
> > strings in the array are contained in $q. The method I have works, but
> > I'm sure its not the most efficient way to do it.
> >
> > $dirtyWord = array("UNION","LOAD_FILE","LOAD DATA INFILE","LOAD
> > FILE","BENCHMARK","INTO OUTFILE");
> > foreach($dirtyWord as $injection)
> > {
>
> I don't see a way to avoid the foreach loop, but...
I saw a post one day by Richard Lynch using the following interesting
approach:
<?php
if( ereg( implode( '|', $dirtyWord ), $q ) )
{
//Do Something to remove injection and log it
}
?>
This may ultimately be faster because it makes fewer function calls thus
bypassing function call overhead incurred for each word. And it's
probably even faster with PCRE.
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
