HTTP Verb Tampering

$pattern = "/^[A-Za-z\s]+$/";

if(preg_match($pattern, $_GET["code"])) {
    $query = "Select * from ports where port_code like '%" . $_REQUEST["code"] . "%'";
    ...SNIP...
}

<Limit GET POST>
    Require valid-user
</Limit>

[METHOD] /[index.htm] HTTP/1.1
host: [www.example.com]

OPTIONS /index.html HTTP/1.1
host: www.example.com

GET /index.html HTTP/1.1
host: www.example.com

HEAD /index.html HTTP/1.1
host: www.example.com

POST /index.html HTTP/1.1
host: www.example.com

PUT /index.html HTTP/1.1
host: www.example.com

DELETE /index.html HTTP/1.1
host: www.example.com

TRACE /index.html HTTP/1.1
host: www.example.com

CONNECT /index.html HTTP/1.1
host: www.example.com

#!/bin/bash

for webservmethod in GET POST PUT TRACE CONNECT OPTIONS PROPFIND;

do
printf "$webservmethod " ;
printf "$webservmethod / HTTP/1.1\nHost: $1\n\n" | nc -q 1 $1 80 | grep "HTTP/1.1"

done