Show DevBest [PHP] Security Script

Status
Not open for further replies.

Bl0wf1sh

New Member
Nov 28, 2011
9
4
You can protect your site from XSS and SQLi attacks with this little script.

PHP:
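// Substrings that cause the request to be rejected
$bad = array("0x", "'", "(", ")", "union", "<", ">", "SELECT", "FROM");
$ip = $_SERVER["REMOTE_ADDR"];
// REQUEST_URI is attacker-controlled, so escape it before echoing it back
$site = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8');
$date = date("m.d.Y");
$time = date("H:i:s");

// Flatten array parameters (?foo[]=...) so every value is checked as a string
$values = array();
array_walk_recursive($_REQUEST, function ($v) use (&$values) { $values[] = (string) $v; });

foreach($values as $req)
        {
        foreach($bad as $vuln)
            {
                // preg_quote() keeps "(" and ")" from being parsed as regex syntax
                if(preg_match('/'.preg_quote($vuln, '/').'/',$req))
                {
                echo "<b>Blocked attack</b><br>";
                echo "Your IP: $ip  <br>Attacked site: $site<br>Date: $date<br>Time: $time";
                exit;
                }
            }
        }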

You can test it if you just add ?foo=bar' in your link.

Hope you like it ;)
 

Markshall

Русский Стандарт
Contributor
Dec 18, 2010
2,638
2,393
Very nice script mate, I like it.

Also, after your '/' in the preg_match, put an 'i' so it becomes insensitive:--
PHP:
if ( @preg_match( "/" . preg_quote( $vuln, "/" ) . "/i", $req ) )
Like that so that people can't type 'select' instead of 'SELECT'; they can't avoid the filter that way with upper/lower-case characters.
 

Bl0wf1sh

New Member
Nov 28, 2011
9
4
Hey, thanks for your reply. People can add some features for this snippet, like adding a Logger that counts attacks and denying to view the site.

I started learning OOP now and I tried to do this in OOP, this is the result. I'm open for any corrections and criticism, I want to improve myself in OOP and would be happy about it.
PHP:
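<?php
/*
@author:    bl0wf1sh
@date:      12.01.2013

You are allowed to modify and distribute this code, if you at least give me credits.
You are allowed to use it in your CMS.
You are not allowed to claim this code as your work.
*/
class Secure
{
    public $bad;
    public $ip;
    public $site;
    public $date;
    public $time;

    public function SecureScript($on_off)
    {
        if($on_off == "on")
        {
            // Substrings that cause the request to be rejected
            $this->bad = array("0x", "'", "(", ")", "union", "<", ">", "SELECT", "FROM", '"');

            // Flatten array parameters (?foo[]=...) so every value is checked as a string
            $values = array();
            array_walk_recursive($_REQUEST, function ($v) use (&$values) { $values[] = (string) $v; });

            foreach($values as $req)
            {
                foreach($this->bad as $vuln)
                {
                    // preg_quote() keeps "(" and ")" from being parsed as regex syntax
                    if(preg_match('/'.preg_quote($vuln, '/').'/i',$req))
                    {
                        // Assign first, then echo: assigning inside the concatenation
                        // stored the rest of the message in the properties
                        $this->ip   = $_SERVER["REMOTE_ADDR"];
                        // REQUEST_URI is attacker-controlled; escape it before echoing
                        $this->site = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8');
                        $this->date = date("m.d.Y");
                        $this->time = date("H:i:s");

                        echo "<b>Blocked attack</b><br>";
                        echo "Your IP: ".$this->ip."
                                <br>Attacked URL: ".$this->site."
                                <br>Date: ".$this->date."
                                <br>Time: ".$this->time."
                                <br>Your Data has been logged."; //to scare 'em
                        exit;
                    }
                }
            }
        }
        else
        {
            //goof'd
        }
        return;
    }

}
?>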
 

Ecko

23:37 [autobots] -!- eckostylez [[email protected]]
Nov 25, 2012
1,397
961
PHP:
foreach($this->bad = array("from", "'", "union", "select", "+", "0x", ">", "<", "\\", "/", "\"") as $vuln) {
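
Added example, not part of any post in this thread: the blocklist from the posts above run over constructed, legitimate inputs, next to bound query parameters and output encoding, which handle the same values as data without rejecting them. It assumes PHP 7+ with the pdo_sqlite extension; the `users` table and the function names are hypothetical.

```php
<?php
// Added example, not from the thread. Assumes the pdo_sqlite extension;
// table, column and function names are hypothetical, inputs are constructed.

// The thread's blocklist, reduced to a function that reports a hit.
function blocklist_hit(string $value): bool
{
    $bad = array("0x", "'", "(", ")", "union", "<", ">", "SELECT", "FROM", '"');
    foreach ($bad as $vuln) {
        if (preg_match('/' . preg_quote($vuln, '/') . '/i', $value)) {
            return true;
        }
    }
    return false;
}

// SQL side: bind the value so it is always data, never query text.
function save_and_load(PDO $db, string $name): string
{
    $ins = $db->prepare('INSERT INTO users (name) VALUES (:name)');
    $ins->execute(array(':name' => $name));
    $sel = $db->prepare('SELECT name FROM users WHERE name = :name');
    $sel->execute(array(':name' => $name));
    return (string) $sel->fetchColumn();
}

// HTML side: encode at the point of output, for the HTML context.
function render(string $name): string
{
    return '<p>Hello, ' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . '</p>';
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (name TEXT)');

// Constructed, legitimate inputs that contain blocklisted substrings.
$inputs = array("Conan O'Brien", 'Reunion Island', 'Smith (Jr.)', 'x < y');
foreach ($inputs as $input) {
    $stored = save_and_load($db, $input);
    printf("%-15s blocklist=%-7s round-trip=%-4s html=%s\n",
        $input,
        blocklist_hit($input) ? 'blocked' : 'allowed',
        $stored === $input ? 'ok' : 'FAIL',
        render($stored));
}
```

Every constructed input is rejected by the blocklist, while the bound parameters store and return it unchanged and `htmlspecialchars()` renders it as text.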
 