What is the effective way to protect the form from intrusion?
I use the following code to filter out some types of intrusions:
function anti_injection($sql)
{
$sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\)/"),"",$sql);
$sql = trim($sql);
$sql = strip_tags($sql);
$sql = addslashes($sql);
return $sql;
}
$imvloginanti = anti_injection($imvlogin);
$imvsenhaanti = anti_injection($imvsenha);
How can I make security more effective?