Das geht wesentlich einfacher und schneller zu programmieren:
PHP-Code:
<?php
// Define bad Words
$BadWords = array("<", ">", "'", "union", "select", "order", "http");
// Glue our requeststring
$ReqStr .= implode('', $_GET);
$ReqStr .= implode('', $_POST);
$ReqStr .= implode('', $_REQUEST);
// Search for badwords
foreach($BadWords as $bw) {
if(stripos($ReqStr, $bw) !== false) die('Hacking attempt!');
}
?>