Award GRAN PRESTIGIO DE ORO – OLIVINUS 2013
28/08/2013
No hay info
No hay info
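// SQL-injection mitigation (legacy approach): escape every request parameter
// in place before the rest of the page reads it.
//
// NOTE(review): blanket escaping of the superglobals is not a dependable
// defence on its own. It only helps where the value ends up inside a quoted
// SQL string literal; it does nothing for values used unquoted (numeric ids,
// ORDER BY / LIMIT fragments, identifiers), and it alters data that is later
// echoed or stored. The durable fix is parameterized queries (PDO or mysqli
// prepared statements) at each query site. mysql_real_escape_string() belongs
// to ext/mysql, which was removed in PHP 7.0; it also needs an open
// connection with the correct charset set, so this fragment has to run after
// the connection is established.
//
// NOTE(review): array-valued parameters (e.g. ?id[]=1) are not strings and
// are not escaped element by element by these loops; confirm how the
// surrounding code treats them.

// Rewrite the variables passed in the URL.
// The key must be captured in the foreach; the original looped
// "as $valor" and then indexed with an undefined $variable.
foreach ($_GET as $variable => $valor) {
    // As shown on this page, search and replacement are the same character,
    // so this call changes nothing. The replacement was presumably an HTML
    // entity or an escaped quote that was decoded when the page was
    // rendered; confirm against the real file.
    $_GET[$variable] = str_replace("'", "'", $_GET[$variable]);
    $_GET[$variable] = mysql_real_escape_string($_GET[$variable]);
}

// Rewrite the variables submitted by forms.
foreach ($_POST as $variable => $valor) {
    $_POST[$variable] = str_replace("'", "'", $_POST[$variable]);
    // Escape the POST value itself; the original read $_GET here, which
    // replaced every form field with the same-named URL parameter (or an
    // empty value) instead of escaping it.
    $_POST[$variable] = mysql_real_escape_string($_POST[$variable]);
}
?>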