HackmanC , Muchas Gracias !!!!!
Tienes toda la razón, el isset() era el problema!
También agregue esto a mi código :
Código PHP:
Ver originalfunction output_safe($string) {
$out_str = "";
foreach ($chars as $char){
if ($char == "a" || $char == "b" || $char == "c" || $char == "d" || $char == "e" || $char == "f" || $char == "g" || $char == "h" || $char == "i" || $char == "j" || $char == "k" || $char == "l" || $char == "m" || $char == "n" || $char == "o" || $char == "p" || $char == "q" || $char == "r" || $char == "s" || $char == "t" || $char == "u" || $char == "v" || $char == "w" || $char == "x" || $char == "y" || $char == "z" || $char == "A" || $char == "B" || $char == "C" || $char == "D" || $char == "E" || $char == "F" || $char == "G" || $char == "H" || $char == "I" || $char == "J" || $char == "K" || $char == "L" || $char == "M" || $char == "N" || $char == "O" || $char == "P" || $char == "Q" || $char == "R" || $char == "S" || $char == "T" || $char == "U" || $char == "V" || $char == "W" || $char == "X" || $char == "Y" || $char == "Z" || $char == "1" || $char == "2" || $char == "3" || $char == "4" || $char == "5" || $char == "6" || $char == "7" || $char == "8" || $char == "9" || $char == "0" || $char == "." || $char == "," || $char == "!" || $char == ":" || $char == "<" || $char == ">" || $char == "=" || $char == "'" || $char == "/" || $char == "?" || $char == "@" || $char == "%" || $char == "*" || $char == ";" || $char == "?" || $char == '"' || $char == "&" || $char == '\\' || $char == "#" || $char == "(" || $char == ")" || $char == "[" || $char == "]" || $char == "{" || $char == "}")
{
$out_str = $out_str.$char;
}
}
$out_str = trim($out_str); $out_str = strip_tags($out_str); // Quitar las Etiquetas HTML y PHP. return $out_str;
}
He sacado los isset(), ahora el programa no detecta inyecciones sql.
Gracias!!!!!!