Opened by Gast at 2005-12-12 17:10
Ich hab jetzt mal so angefangen bzw. erweitert
Was haltet ihr davon?
Code: (dl
)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
$form{$key} =~ s/^\s//g;
$form{$key} =~ s/\\0|\%00//g;
$form{$key} =~ s/\\x\w{2,}\s*?\\+//ig;
$form{$key} =~ s/.{2,}\///g;
$form{$key} =~ s/(<[^>]*?)\b(on\w+\s*\=)/$1x$2/ig;
$form{$key} =~ s/<\!\-\-\s*?\#?\s*?\w+\s*?\=/<\!\-\-/g;
foreach $exclude (@forbid) {
$form{$key} =~ s/(<\s*)($exclude)/<\!\-\-$1x$2/ig;
$form{$key} =~ s/(<\s*\/+)($exclude\s*>)/\$1x$2\-\-\>/ig;
$form{$key} =~ s/(\s*$exclude\s*\W*.*?\W*\;+)/Hacker: $ENV{'REMOTE_ADDR'}/ig;
}
$form{$key} =~ s/([^\s\w:.,@%-])/sprintf("&#x%X;", ord($1))/ge;
Was haltet ihr davon?