I know that using PHP functions to avoid anti-sql injections is a bad idea, but I'm trying solve this function issue for custom purposes

function anti_injection($sql){
   $sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/"), "" ,$sql);
   $sql = trim($sql);
   $sql = strip_tags($sql);
   $sql = (get_magic_quotes_gpc()) ? $sql : addslashes($sql);
   return $sql;
}

I'm getting this error: Uncaught Error: Call to undefined function sql_regcase()

How can I solve this?

Thank you.

2 Answers

1
Rob Kwasowski On Best Solutions

sql_regcase was deprecated in PHP 5.3.0, and removed in PHP 7.0.0.

https://www.php.net/manual/en/function.sql-regcase.php

1
Community On

This function was DEPRECATED in PHP 5.3.0, and REMOVED in PHP 7.0.0.

Alternatives to this function include:

preg_match() preg_quote() source https://www.php.net/manual/en/function.sql-regcase.php