Page 1 of 1

how to denie .exe file and other weird stuff in my form

Posted: Fri Jul 25, 2003 7:34 am
by GK
Hi all

How can i denie sertain worths or .exe names from submitting to my form?
I prefer a seperate file that includes bad worths

<?
include "config.inc";
include "connect.php";

if (!isset($submit)) {
if(!eregi("^http://.+\..+", $file)){ die("Geen scan url of domein"); }
$get_rows = mysql_db_query ($dbname,"Select * from checker Where sid='$sid' OR file='$file' OR domein='$domein'",$db) or die (mysql_error());

$count = mysql_num_rows($get_rows);

if ($err) {

}

else {

mysql_db_query ($dbname,"Insert into checker (sid,file,domein) values ('$sid','$file','$domein')",$db) or die (mysql_error());

$msg = "Toegevoegt.";

}


if ($auto_validation == "no") { $msg = "Toegevoegt."; }

else { $msg = "Toegevoegt."; }
}

?>
<? echo $msg; ?>