So far I have come up with
Code: Select all
$string = "SELECT * from tablename;";
if (preg_match("/^SELECT/" ,$string)) && (preg_match("/;$/" ,$string)) {
echo "query is OK";
} else {
"query incorrect"; }
Moderator: General Moderators
Code: Select all
$string = "SELECT * from tablename;";
if (preg_match("/^SELECT/" ,$string)) && (preg_match("/;$/" ,$string)) {
echo "query is OK";
} else {
"query incorrect"; }
Code: Select all
preg_match("/\"((select)|(show))[\w\s*]+\";/i",$string)Code: Select all
select this from that where id=5Code: Select all
preg_match("/\"((select)|(show))[\w\s*=]+\";/i",$string)Code: Select all
$string = "SELECT * from tablename;";
if (preg_match('/^\s*+(?:select|show)\b.*;\s*+$/is', $string)) {
echo("query is OK");
} else {
echo("query incorrect");
}