I hereby claim:

• I am omegatcu on github.
• I am omegatcu (https://keybase.io/omegatcu) on keybase.
• I have a public key ASD7sZu9zPkixgPPTfI877LUWbX8koCR_ZP9jPN1SFPstAo

To claim this, I am signing this object:

The idea behind the SQLiShield feature in Admin Tools is checking each POST and GET variable against a regular expression. The regular expression only matches SQL code typically found in SQL injections. Considering that it's a bad practice sending raw SQL commands over an HTTP request this works very well without throwing false positives. The only false positives we are aware of is someone posting an article or a support ticket which includes a raw SQL command.

The regular expression we use (version 5 of the regex) is the following:

#(union([\s]{1,}|/\*(.*)\*/){1,}(all([\s]{1,}|/\*(.*)\*/){1,})?select|select(([\s]{1,}|/\*(.*)\*/|`){1,}([\w]|_|-|\.|\*){1,}([\s]{1,}|/\*(.*)\*/|`){1,}(,){0,})*from([\s]{1,}|/\*(.*)\//){1,}[a-z0-9]{1,}_|select([\s]{1,}|/\*(.*)\*/|\(){1,}(COUNT|MID|FLOOR|LIMIT|RAND|SLEEP|ELT)|select([\s]{1,}|/\*(.*)\*/|`){1,}.*from([\s]{1,}|/\*(.*)\//){1,}INFORMATION_SCHEMA\.|EXTRACTVALUE([\s]{1,}|\(){1,}|(insert|replace)(([\s]{1,}|/\*(.*)\*/){1,})((low_priority|delayed|high_priority|ignore)(

A list of amazingly awesome PHP libraries that you should consider using (and some other shiny extras).

• Composer/Packagist - A package and dependency manager.
• Composer Installers - A multi framework Composer library installer.
• Symfony2 - A framework comprised of individual components.
• Zend Framework 2 - Another framework comprised of individual components.
• Laravel 4 - A simple PHP framework.
• Lithium - Another framework of components.