Try to secury my scripts a bit more but...

12/01/2012 14:19 cypherxxl#1
Hello.

Ive tryd to Secure my Scripts a bit more, but now i got the following error:
Fatal error: Call to undefined function ms_escape()

Maybe any1 know what to do?

Greetings.
12/01/2012 15:59 Truth1010#2
From the little i do know of PHP. I'd guess half that error statement is missing.

I would expect it to continue to read more like

Fatal error: Call to undefined function ms_escape() in /file directory xx / filename.php on line xx

Maybe with more info on your error, someone may be able to help. For example.. you didn't mention which script you have the error with, out of the many available here alone.
12/01/2012 16:12 nephren#3
ms escape() existiert nicht.

Code:
function mssql_escape($data) {
    if(is_numeric($data))
        return $data;
12/01/2012 16:13 cypherxxl#4
Get it on all of my scripts.
After changing that.

If i set all files back to default it wont work too -.-


Using this //MSSQL Escape Function - SQL Injection Prevention
PHP Code:
function mssql_escape_string($data) {
    if(!isset($data) or empty($data)) return '';
    if(is_numeric($data)) return $data;
    $non_displayables = array(
        '/%0[0-8bcef]/',            // url encoded 00-08, 11, 12, 14, 15
        '/%1[0-9a-f]/',                // url encoded 16-31
        '/[\x00-\x08]/',            // 00-08
        '/\x0b/',                    // 11
        '/\x0c/',                    // 12
        '/[\x0e-\x1f]/'                // 14-31
    );
    foreach($non_displayables as $regex)
        $data preg_replace($regex,'',$data);
        $data str_replace("'","''",$data);
    return $data;

Its cause i use this:
PHP Code:
    $userid        ms_escape($_POST['userid']);
    $password    ms_escape($_POST['password']); 
Edit:
Got it working now. Thank you :)