Creating Function Newbie question

[Peter Wilson]

Hi

I have written a small bit of code for my web site that basically is
anti hack code.

$checking = ($HTTP_GET_VARS['UniqueNo']);
if (ereg ("[^0-9]+", $checking) )
{echo "Please Stop Trying to Hack This Site";
exit;}

I would like to change this into a function where I only have to enter
the Http variable. into the functions brackets. How do I do it? Is it
possible?

many thanks

Peter
Motto "A smile aday keeps the blues away"

[url]http://www.sci-comm.clara.net/[/url]

[Shane Lahey]

On Sun, 6 Jun 2004 21:07:54 +0100, Peter Wilson <pwilson@sci-comm.clara.net> wrote:

>Hi
>
>I have written a small bit of code for my web site that basically is
>anti hack code.
>
>$checking = ($HTTP_GET_VARS['UniqueNo']);
>if (ereg ("[^0-9]+", $checking) )
>{echo "Please Stop Trying to Hack This Site";
>exit;}
>
>I would like to change this into a function where I only have to enter
>the Http variable. into the functions brackets. How do I do it? Is it
>possible?
>
>many thanks
>
>Peter
>Motto "A smile aday keeps the blues away"
>
>[url]http://www.sci-comm.clara.net/[/url]

// usage: check_if_hacking([variable]);
function check_if_hacking($variable = false)
{
global $_GET;

if ($variable === false)
$variable = $_GET['UniqueNo'];

if (ereg("[^0-9]+", $variable))
{
die("Stop trying to hack this site");
}
}

// to use the function use either of the following methods
check_if_hacking($_GET['UniqueNo']);

or:

check_if_hacking(); // will use $_GET['UniqueNo']; by default if no variable is passed.

[Colin McKinnon]

Shane Lahey spilled the following:

> On Sun, 6 Jun 2004 21:07:54 +0100, Peter Wilson
> <pwilson@sci-comm.clara.net> wrote:
>

>>
>>$checking = ($HTTP_GET_VARS['UniqueNo']);
>>if (ereg ("[^0-9]+", $checking) )
>>{echo "Please Stop Trying to Hack This Site";
>>exit;}
>>
>>I would like to change this into a function where I only have to enter
>>the Http variable. into the functions brackets. How do I do it? Is it
>>possible?
>>

> // usage: check_if_hacking([variable]);
> function check_if_hacking($variable = false)
> {

<snip>

> }
>

Or for the really techno-funky version, use create_function to generate a
lambda function.

But I can't help noticing that checking the GET var has at least one digit
in it is hardly going to keep out the most determined of hackers. Suggest
you think of a better algorithm, since 'UniqueNo' will probably be
appearing in your pages, it won't take much effort to find a valid match.

C.

[Peter Wilson]

>But I can't help noticing that checking the GET var has at least one digit

>in it is hardly going to keep out the most determined of hackers. Suggest
>you think of a better algorithm, since 'UniqueNo' will probably be
>appearing in your pages, it won't take much effort to find a valid match.
>
>C.

I idea was to stop the people from being able to break into the page to
do some harm to the DB. I was told that if you can make the page drop by
using contort characters they can then hack eh BD I have no idea how
true this is but the little bit of code stopped it from happening any
way. Also a good point to start learning how to make functions simple
code.

Many thanks for the help

Peter
Motto "A smile aday keeps the blues away"

[url]http://www.sci-comm.clara.net/[/url]