Try to secury my scripts a bit more but...

[cypherxxl]

Hello.

Ive tryd to Secure my Scripts a bit more, but now i got the following error:
Fatal error: Call to undefined function ms_escape()

Maybe any1 know what to do?

Greetings.

[Truth1010]

From the little i do know of PHP. I'd guess half that error statement is missing.

I would expect it to continue to read more like

Fatal error: Call to undefined function ms_escape() in /file directory xx / filename.php on line xx

Maybe with more info on your error, someone may be able to help. For example.. you didn't mention which script you have the error with, out of the many available here alone.

[nephren]

ms escape() existiert nicht.

Code:

function mssql_escape($data) {
    if(is_numeric($data))
        return $data;

[cypherxxl]

Get it on all of my scripts.
After changing that.

If i set all files back to default it wont work too -.-


Using this //MSSQL Escape Function - SQL Injection Prevention

PHP Code:

function mssql_escape_string($data) {
    if(!isset($data) or empty($data)) return '';
    if(is_numeric($data)) return $data;
    $non_displayables = array(
        '/%0[0-8bcef]/',            // url encoded 00-08, 11, 12, 14, 15
        '/%1[0-9a-f]/',                // url encoded 16-31
        '/[\x00-\x08]/',            // 00-08
        '/\x0b/',                    // 11
        '/\x0c/',                    // 12
        '/[\x0e-\x1f]/'                // 14-31
    );
    foreach($non_displayables as $regex)
        $data = preg_replace($regex,'',$data);
        $data = str_replace("'","''",$data);
    return $data;
} 


Its cause i use this:

PHP Code:

    $userid        = ms_escape($_POST['userid']);
    $password    = ms_escape($_POST['password']); 


Edit:
Got it working now. Thank you