- ANTI.PHP
- <?php
- // ANTI SQLi
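// Validates the `id` query parameter before any later query uses it.
//  - Only a plain run of ASCII digits is accepted. is_numeric() also accepts
//    values such as "1e5", "1.5", "-1" or " 1", so it is not an integer check.
//  - A request that carries no `id` at all is not treated as an attack; $id is
//    null in that case, and code that needs an id must test for null first.
//  - A malformed `id` records the client address in `ban` and stops the script.
//    Nothing in this file reads `ban`, so the ban is only enforced if some other
//    part of the site checks that table.
// NOTE(review): the mysql_* extension was removed in PHP 7.0; switch to PDO or
// mysqli prepared statements when the connection code is migrated.
// NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's address, and
// one address can be shared by many users - confirm before banning by IP.
$id = null;
if (isset($_GET['id'])) {
    $rawId = $_GET['id'];
    if (is_string($rawId) && ctype_digit($rawId)) {
        // Digits only; kept as a string so existing callers see the same type.
        $id = $rawId;
    } else {
        // Store the address only if it parses as an IP, and escape it anyway so
        // the statement never depends on the shape of a server variable.
        $clientIp = isset($_SERVER['REMOTE_ADDR'])
            ? filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP)
            : false;
        if ($clientIp !== false) {
            // The die() after `or` runs when the INSERT itself fails.
            mysql_query("INSERT INTO ban(ip) values('" . mysql_real_escape_string($clientIp) . "')") or die("Pokusaj hakerskog napada!");
        }
        die("Banovani ste zbog pokusaja hakerskog napada.");
    }
}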
- // END - ANTI SQLi
- // ANTI XSS
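/**
 * Escape a value for output inside HTML text or a quoted HTML attribute.
 *
 * htmlspecialchars() replaces the hand-written table so that all five special
 * characters (& < > ' ") are encoded; the double quote matters inside
 * attribute values. ENT_SUBSTITUTE keeps the rest of the string when the input
 * contains invalid UTF-8 instead of returning an empty string.
 *
 * This is not an escape for JavaScript, URL or unquoted-attribute contexts;
 * those need their own encoding.
 *
 * @param mixed $text String to escape, or an array whose elements are escaped.
 * @return string|array Escaped string, or an array of escaped values.
 */
function anti_xss($text)
{
    // str_replace() accepted an array subject, so array input is still handled.
    if (is_array($text)) {
        return array_map('anti_xss', $text);
    }

    return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}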
- // END - ANTI XSS
- ?>
- FAJL.PHP
- <?php
// Placeholder body of the target page; the installer appends its guard after it.
echo 'Conf';
- ?>
- <?php
- // ZASTITA NE DIRATI
- // ANTI SQLi
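// Validates the `id` query parameter before any later query uses it.
//  - Only a plain run of ASCII digits is accepted. is_numeric() also accepts
//    values such as "1e5", "1.5", "-1" or " 1", so it is not an integer check.
//  - A request that carries no `id` at all is not treated as an attack; $id is
//    null in that case, and code that needs an id must test for null first.
//  - A malformed `id` records the client address in `ban` and stops the script.
//    Nothing in this file reads `ban`, so the ban is only enforced if some other
//    part of the site checks that table.
// NOTE(review): no database connection is opened in this file; mysql_query()
// relies on a link opened elsewhere - confirm one exists before this runs.
// NOTE(review): the mysql_* extension was removed in PHP 7.0; switch to PDO or
// mysqli prepared statements when the connection code is migrated.
$id = null;
if (isset($_GET["id"])) {
    $rawId = $_GET["id"];
    if (is_string($rawId) && ctype_digit($rawId)) {
        // Digits only; kept as a string so existing callers see the same type.
        $id = $rawId;
    } else {
        // Store the address only if it parses as an IP, and escape it anyway so
        // the statement never depends on the shape of a server variable.
        $clientIp = isset($_SERVER['REMOTE_ADDR'])
            ? filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP)
            : false;
        if ($clientIp !== false) {
            // The die() after `or` runs when the INSERT itself fails.
            mysql_query("INSERT INTO ban(ip) values('" . mysql_real_escape_string($clientIp) . "')") or die("Pokusaj hakerskog napada!");
        }
        die("Banovani ste zbog pokusaja hakerskog napada.");
    }
}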
- // END - ANTI SQLi
- // ANTI XSS
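/**
 * Escape a value for output inside HTML text or a quoted HTML attribute.
 *
 * htmlspecialchars() replaces the hand-written table so that all five special
 * characters (& < > ' ") are encoded; the double quote matters inside
 * attribute values. ENT_SUBSTITUTE keeps the rest of the string when the input
 * contains invalid UTF-8 instead of returning an empty string.
 *
 * This is not an escape for JavaScript, URL or unquoted-attribute contexts;
 * those need their own encoding.
 *
 * @param mixed $text String to escape, or an array whose elements are escaped.
 * @return string|array Escaped string, or an array of escaped values.
 */
function anti_xss($text)
{
    // str_replace() accepted an array subject, so array input is still handled.
    if (is_array($text)) {
        return array_map('anti_xss', $text);
    }

    return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}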
- // END - ANTI XSS
- ?>
- INSTALL.PHP
- <?php
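// Installer: creates the `ban` table and appends the request guard to $file.
//
// NOTE(review): connecting as `root` with an empty password gives this script
// full control of the MySQL server; use a dedicated account that can only
// create and write the `ban` table.
// NOTE(review): this script rewrites a PHP file and is reachable over the web;
// remove it or block access to it once installation has run.
// NOTE(review): the mysql_* extension was removed in PHP 7.0; both this script
// and the guard it writes need PDO or mysqli on current PHP versions.
$host = 'localhost';
$db = 'film';
$user = 'root';
$pass = '';
$file = 'fajl.php';

if ($file == '') {
    die("Molimo unesite ime fajla.");
}

$conn = mysql_connect($host, $user, $pass) or die('Pogresan username/password ili host mySQL baze.');
mysql_select_db($db, $conn) or die('Baza ne postoji.');

// Step 1: ban table. `ip` is varchar(45) so that a full IPv6 address (39
// characters, 45 in IPv4-mapped form) is stored without truncation.
mysql_query("CREATE TABLE IF NOT EXISTS `ban` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`ip` varchar(45) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;") or die("Korak 1: Greska: Table nisu uspesno instalirane.");
echo "Korak 1: Teble su uspesno unete!<br>";

// Step 2: the guard appended to $file, one array element per output line.
// It accepts only an all-digit `id`, escapes the stored address, and escapes
// HTML with htmlspecialchars() rather than a hand-written replacement table.
$guardLines = array(
    '',
    '',
    '<?php',
    '// ZASTITA NE DIRATI ',
    '',
    '// ANTI SQLi',
    '$id = null;',
    'if (isset($_GET["id"])) {',
    '    if (is_string($_GET["id"]) && ctype_digit($_GET["id"])) {',
    '        $id = $_GET["id"];',
    '    } else {',
    '        $clientIp = isset($_SERVER["REMOTE_ADDR"]) ? filter_var($_SERVER["REMOTE_ADDR"], FILTER_VALIDATE_IP) : false;',
    '        if ($clientIp !== false) {',
    '            mysql_query("INSERT INTO ban(ip) values(\'" . mysql_real_escape_string($clientIp) . "\')") or die("Pokusaj hakerskog napada!");',
    '        }',
    '        die("Banovani ste zbog pokusaja hakerskog napada.");',
    '    }',
    '}',
    '// END - ANTI SQLi',
    '',
    '',
    '// ANTI XSS',
    'function anti_xss($text)',
    '{',
    '    if (is_array($text)) {',
    '        return array_map("anti_xss", $text);',
    '    }',
    '    return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");',
    '}',
    '// END - ANTI XSS',
    '?>',
);

// Appending twice would declare anti_xss() twice and make the target file
// fatal on load, so skip the write when the marker comment is already there.
$alreadyInstalled = false;
if (is_file($file)) {
    $current = file_get_contents($file);
    $alreadyInstalled = $current !== false && strpos($current, '// ZASTITA NE DIRATI') !== false;
}

if (!$alreadyInstalled) {
    // Stop on an unwritable target instead of passing false to fwrite().
    $fincl = fopen($file, "a") or die("Instalacija nije uspela.");
    if (fwrite($fincl, implode("\r\n", $guardLines) . "\r\n") === false) {
        fclose($fincl);
        die("Instalacija nije uspela.");
    }
    fclose($fincl) or die("Instalacija nije uspela.");
}

echo "Korak 2: Include fajla je dovrsen.<br>";
echo "INSTALACIJA JE DOVRSENA!";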
- ?>