-1

I know that using PHP functions to avoid anti-sql injections is a bad idea, but I'm trying solve this function issue for custom purposes

function anti_injection($sql){
   $sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/"), "" ,$sql);
   $sql = trim($sql);
   $sql = strip_tags($sql);
   $sql = (get_magic_quotes_gpc()) ? $sql : addslashes($sql);
   return $sql;
}

I'm getting this error: Uncaught Error: Call to undefined function sql_regcase()

How can I solve this?

Thank you.

Improve this question
1
  • This code is useless and will not protect you Commented Apr 13, 2019 at 18:58

2 Answers 2

Reset to default
1

sql_regcase was deprecated in PHP 5.3.0, and removed in PHP 7.0.0.

https://www.php.net/manual/en/function.sql-regcase.php

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

This function was DEPRECATED in PHP 5.3.0, and REMOVED in PHP 7.0.0.

Alternatives to this function include:

preg_match() preg_quote() source https://www.php.net/manual/en/function.sql-regcase.php

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.