@ 2015-12-17T18:39:59Z <?php
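/**
 * Blacklist-based string filter that sits between the application and the
 * database layer.
 *
 * The constructor runs up to three independent passes over one input string
 * and leaves the outcome in $Cps_Resultado:
 *   1. character substitution ($Cps_inject_1 => $Cps_inject_2),
 *   2. removal of SQL keywords/tokens ($Cps_injection),
 *   3. neutralisation of HTML tag and event-handler names ($Cps_ra1/$Cps_ra2).
 *
 * SECURITY NOTE(review): none of these passes is a substitute for prepared
 * statements with bound parameters (PDO) or for context-aware output encoding.
 * Keyword stripping is single-pass and case-sensitive, and enabling passes 1
 * and 2 together undoes the quote escaping of pass 1, because pass 2 removes
 * the backslash that pass 1 inserted. Treat the result as defence in depth
 * only, never as the sole control.
 *
 * @access private
 * @author Néstor Rómulo Castillo
 * @copyright Poder y Punto
 */
class Crea_Proceso_Seguridad_Sql_Injection
{
    // Substrings removed by the SQL-keyword pass (case-sensitive, literal match).
    public $Cps_injection = array("from","shutdown","select","update","account","login","clan","character","indexcontent","set","insert","delete","where","drop table","show tables","#","*","--","\\");

    // Characters rewritten by the substitution pass ...
    public $Cps_inject_1 = array(";","'","%",'"');

    // ... and their replacements, index for index.
    // NOTE(review): the fourth entry reached this paste as an unterminated
    // string literal; '&quot;' is the presumed original value - confirm.
    public $Cps_inject_2 = array('', "\\'", '', '&quot;');

    // Filtered output; stays '' when no pass is enabled.
    public $Cps_Resultado = "";

    // Untouched constructor input.
    public $Cps_Cadena_Inicial;

    // 1 once a SQL pass has written $Cps_Resultado, 0 otherwise.
    public $Cps_Bandera = 0;

    // Characters whose numeric HTML entities are decoded before the tag pass.
    public $Cps_Search;

    // Tag / scheme names neutralised by the XSS pass.
    public $Cps_ra1 = array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base');

    // Event-handler attribute names neutralised by the XSS pass.
    public $Cps_ra2 = array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload');

    // Merged $Cps_ra1 + $Cps_ra2, filled in by the XSS pass.
    public $Cps_ra = array();

    // Kept for compatibility; the XSS loop uses a local termination check.
    public $Cps_found = true;

    /**
     * Filters $value with the selected passes and stores the outcome in
     * $Cps_Resultado. Each enabled pass works on the output of the previous
     * enabled pass; the first enabled pass starts from the raw input.
     *
     * @param string $value             Raw input string.
     * @param bool   $mod_anti_sql      Apply the character substitution pass.
     * @param bool   $mod_sql_injection Apply the SQL keyword removal pass.
     * @param bool   $mod_xxs           Apply the HTML/XSS neutralisation pass.
     */
    public function __construct($value, $mod_anti_sql = false, $mod_sql_injection = false, $mod_xxs = false)
    {
        $this->Cps_Cadena_Inicial = $value;

        if ($mod_anti_sql) {
            $this->Cps_Bandera = 1;
            $this->Cps_Resultado = str_replace($this->Cps_inject_1, $this->Cps_inject_2, $this->Cps_Cadena_Inicial);
        }

        if ($mod_sql_injection) {
            // The keyword list is a property; the bare local $Cps_injection
            // used previously was undefined, so nothing was ever removed.
            $input = ($this->Cps_Bandera == 0) ? $this->Cps_Cadena_Inicial : $this->Cps_Resultado;
            $this->Cps_Bandera = 1;
            $this->Cps_Resultado = str_replace($this->Cps_injection, "", $input);
        }

        if ($mod_xxs) {
            // Compare the flag (the old code assigned 0 to it), so that the
            // XSS pass starts from the raw input when no SQL pass ran.
            if ($this->Cps_Bandera == 0) {
                $this->Cps_Resultado = $this->Cps_Cadena_Inicial;
            }
            $this->Cps_Resultado = $this->Cps_filtrar_xss($this->Cps_Resultado);
        }
    }

    /**
     * XSS pass: strips control characters, decodes numeric entities of
     * printable ASCII, then breaks every listed tag/handler name by inserting
     * the marker "<x>" after its first two characters.
     *
     * Side effects: sets $Cps_Search and $Cps_ra.
     *
     * @param string $text Text to filter.
     * @return string Filtered text.
     */
    private function Cps_filtrar_xss($text)
    {
        // One character class of control bytes. The previous pattern had lost
        // its backslashes and matched runs of ordinary letters and digits.
        // Tab, LF, CR and space are kept.
        $text = preg_replace('/[\x00-\x08\x0b\x0c\x0e-\x1f]/', '', $text);

        $this->Cps_Search = 'abcdefghijklmnopqrstuvwxyz';
        $this->Cps_Search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
        $this->Cps_Search .= '1234567890!@#$%^&*()';
        $this->Cps_Search .= '~`";:?+/={}[]-_|\\\'';

        // Decode &#xNN; and &#NN; forms of those characters so that entity
        // encoded names are visible to the keyword patterns below.
        $count = strlen($this->Cps_Search);
        for ($i = 0; $i < $count; $i++) {
            $char = $this->Cps_Search[$i];
            $code = ord($char);
            $text = preg_replace('/(&#[x|X]0{0,8}' . dechex($code) . ';?)/i', $char, $text);
            $text = preg_replace('/(&#0{0,8}' . $code . ';?)/', $char, $text);
        }

        $this->Cps_ra = array_merge($this->Cps_ra1, $this->Cps_ra2);

        // Optional entity-encoded tab / LF / CR between two letters of a name.
        // The old groups "[9][a][b]" and "[9][10][13]" could not match those
        // code points; presumably 9 / a / d (hex) and 9 / 10 / 13 (decimal)
        // were intended.
        $gap = '(?:&#[x|X]0{0,8}(?:9|a|d);?|&#0{0,8}(?:9|10|13);?)?';

        // Repeat whole passes until one pass changes nothing. The comparison
        // used to read an undefined variable inside the inner loop, so the
        // loop never ended for a non-empty string.
        do {
            $before = $text;
            foreach ($this->Cps_ra as $word) {
                // The marker goes after the first two characters, so a name
                // shorter than three characters would stay intact and match
                // again on every pass.
                if (strlen($word) < 3) {
                    continue;
                }
                $letters = array();
                foreach (str_split($word) as $letter) {
                    $letters[] = preg_quote($letter, '/');
                }
                $pattern = '/' . implode($gap, $letters) . '/i';
                $replacement = substr($word, 0, 2) . '<x>' . substr($word, 2);
                $text = preg_replace($pattern, $replacement, $text);
            }
        } while ($before !== $text);

        return $text;
    }

    /**
     * HTML-encodes a value before it is echoed by the diagnostic magic
     * methods, so caller-supplied text cannot inject markup into the page.
     *
     * @param mixed $value Value to print.
     * @return string Encoded text.
     */
    private function Cps_escapar_html($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /**
     * Called when the object is used as a string.
     *
     * @return string Fixed HTML description fragment.
     */
    public function __toString()
    {
        return "\n<strong>Descripcion:</strong><br>\n";
    }

    /**
     * Called when the object is used as a function; prints a notice.
     *
     * @param mixed $x Argument of the attempted call (HTML-encoded on output).
     */
    public function __invoke($x)
    {
        echo 'No puedes utilizar un objeto como función y realizar este proceso: <strong>'
            . $this->Cps_escapar_html($x)
            . '</strong><br>Consulta la documentación de la clase.<br><br>' . $this->__toString();
    }

    /**
     * Called for a method that does not exist or is not accessible; prints a
     * notice with the method name and its arguments, both HTML-encoded.
     *
     * @param string $name      Name of the requested method.
     * @param array  $arguments Arguments passed to it.
     */
    public function __call($name, $arguments)
    {
        echo "\nHas invocado al método: <strong>" . $this->Cps_escapar_html($name) . "</strong>.<br>\n"
            . "Con parámetros <strong>'" . $this->Cps_escapar_html(implode(',', $arguments)) . "'</strong>.\n"
            . "<strong>Y es inexistente</strong><br>\n"
            . "Consulta la documentación: <br><br>" . $this->__toString();
    }

    /**
     * Called on assignment to a property that does not exist; prints a notice
     * and stores nothing.
     *
     * @param string $name  Property name.
     * @param mixed  $value Value that was to be assigned.
     */
    public function __set($name, $value)
    {
        echo "El atributo '" . $this->Cps_escapar_html($name)
            . "' no existe por lo cual no se le puede asignar el valor "
            . $this->Cps_escapar_html($value) . "<br>";
    }

    /**
     * Called on a read of a property that does not exist; prints a notice and
     * returns null.
     *
     * @param string $name Property name.
     */
    public function __get($name)
    {
        echo "El atributo '" . $this->Cps_escapar_html($name) . "' no existe.<br>";
    }

    /**
     * Empty placeholder. PHP's destructor hook is named __destruct, so this
     * differently spelled private method is never invoked automatically.
     */
    private function __desctruc()
    {
    }
}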