Codice:
$lol = array(
'XSS' => '<[^>]*(script|object|iframe|applet|meta|style|form|img|onmouseover|body)*\\\\\"?[^>]*>',
'RFI' => '^(http|https|ftp|webdav)[\\\s]*:[\\\s]*/[\\\s]*/[\\\s]*.*/.*\\\?'
);
foreach ($_GET as $key => $value) {
$value = trim(urldecode($value));
foreach ($lol as $type => $var) {
if (eregi($lol[$var], $value)) {
echo "$key => $value.\n";
}
}
}
Dov'è che sbaglio? :/ Dante