checking incoming web values - PHPBuilder Forums

checking incoming web values

gumby

In php3, I wrote the function below, to check incoming web data, disabling long strings and/or illegal characters. Will this still be valid in php4? and if not, how would it best be converted?

function checkData ()
{ reset($GLOBALS);
while ( list($key, $value) = each ($GLOBALS) AND ($key ! = "DOCUMENT_ROOT") )
{ $val = trim($value);
if (strlen($value) > 600)
{ include ("kickBack.php3");
exit;
}
$val = ereg_replace("`", "", $val);
$val = ereg_replace("<", "", $val);
$val = ereg_replace(">", "", $val);
$val = ereg_replace("\"", "", $val);
$val = ereg_replace("'", "", $val);
$val = ereg_replace("\%", "", $val);
$val = ereg_replace("\;", "", $val);
$val = ereg_replace("(", "", $val);
$val = ereg_replace(")", "", $val);
$val = ereg_replace("\&", "", $val);
$val = ereg_replace("+", "", $val);
$GLOBALS[$key] = $val;
}
}

$GLOBALS = checkData();

Thanks.