function filter()
{
error_reporting(0);
require_once 'dati.php';
require_once 'rules.php';
//Concat all input parameter
$var = array_merge($_GET, $_POST, $_COOKIE);
array_push($var, $_SERVER['HTTP_USER_AGENT']);
//if var has no element I don't need to parse...
if (count($var) == 0) {
return 0;
}
if ($dati['browser_whitelist'] == 1) {
$i = 0;
foreach ($browser_whitelist as $value) {
preg_match("/{$value}/msi", $_SERVER['HTTP_USER_AGENT']) ? $i++ : '';
}
$i == 0 ? die('Your browser is not supported, get a standard browser') : '';
}
//if we have all filters I don't check what filter are on
if (strcmp($dati['filters'], 'all') == 0) {
foreach ($var as $value) {
if (!is_int($value)) {
//integer value can't be dangerous
foreach ($rules as $rule) {
//I'll check in rule if input can be dangerouse
if (preg_match("/{$rule['regexp']}/msi", $value)) {
found();
}
}
}
}
} else {
foreach ($var as $value) {
if (!is_int($value)) {
//integer value can't be dangerous
foreach ($rules as $rule) {
if (preg_match("/{$dati['filters']}/msi", $rule['type'])) {
if (preg_match("/{$rule['regexp']}/msi", $value)) {
if ($dati['alert'] == 1) {
found();
}
}
}
}
}
}
}
//else
}
function notfound($obj, $cond)
{
return !found($obj, $cond);
}
