[Patch SQLi]
Patch SQLimethod get ( kecuali sqli base64 & sqli url friendly (yang pakai url alias bukan id)
function patch_sqli_G($num){
if($num < 0){
echo "<script>window.location.href='./index.php'</script>";
}elseif(!is_numeric($num)){
echo "<script>window.location.href='./index.php'</script>";
}else{
return $num;
}
if($num < 0){
echo "<script>window.location.href='./index.php'</script>";
}elseif(!is_numeric($num)){
echo "<script>window.location.href='./index.php'</script>";
}else{
return $num;
}
}
#patch post sqli & bypass login
function patch_sqli_P($data){
$filter = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data,ENT_QUOTES))));
return $filter;
}
$filter = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data,ENT_QUOTES))));
return $filter;
}
Kalau bisa inject harus bisa patching dong. jangan cuman bisa menghancurkan Tetapi kita harus bisa membangun Website Tersebut. thanks