Heim  >  Artikel  >  Backend-Entwicklung  >  php写的设置过滤及保留属性的类

php写的设置过滤及保留属性的类

WBOY
WBOYOriginal
2016-07-25 09:04:191000Durchsuche
  1. /**
  2. @ 设置及保留属性的类
  3. @ class cleanHtml
  4. @ link:bbs.it-home.org
  5. @ date:2013/2/28
  6. */
  7. function reg_escape( $str )
  8. {
  9. $conversions = array( "^" => "\^", "[" => "\[", "." => "\.", "$" => "\$", "{" => "\{", "*" => "\*", "(" => "\(", "\\" => "\\\\", "/" => "\/", "+" => "\+", ")" => "\)", "|" => "\|", "?" => "\?", " "\" => "\>" );
  10. return strtr( $str, $conversions );
  11. }
  12. /**
  13. * Strip attribute Class
  14. * Remove attributes from XML elements
  15. * @author David (semlabs.co.uk)
  16. * @version 0.2.1
  17. */
  18. class cleanHtml{
  19. public $str = '';
  20. public $allow = array();
  21. public $exceptions = array();
  22. public $ignore = array();
  23. public function strip( $str )
  24. {
  25. $this->str = $str;
  26. if( is_string( $str ) && strlen( $str ) > 0 )
  27. {
  28. $res = $this->findElements();
  29. if( is_string( $res ) )
  30. return $res;
  31. $nodes = $this->findAttributes( $res );
  32. $this->removeAttributes( $nodes );
  33. }
  34. return $this->str;
  35. }
  36. private function findElements()
  37. {
  38. # Create an array of elements with attributes
  39. $nodes = array();
  40. preg_match_all( "/\n]+)([^>]*)>/i", $this->str, $elements );
  41. foreach( $elements[1] as $el_key => $element )
  42. {
  43. if( $elements[2][$el_key] )
  44. {
  45. $literal = $elements[0][$el_key];
  46. $element_name = $elements[1][$el_key];
  47. $attributes = $elements[2][$el_key];
  48. if( is_array( $this->ignore ) && !in_array( $element_name, $this->ignore ) )
  49. $nodes[] = array( 'literal' => $literal, 'name' => $element_name, 'attributes' => $attributes );
  50. }
  51. }
  52. # Return the XML if there were no attributes to remove
  53. if( !$nodes[0] )
  54. return $this->str;
  55. else
  56. return $nodes;
  57. }
  58. private function findAttributes( $nodes )
  59. {
  60. # Extract attributes
  61. foreach( $nodes as &$node )
  62. {
  63. preg_match_all( "/([^ =]+)\s*=\s*[\"|']{0,1}([^\"']*)[\"|']{0,1}/i", $node['attributes'], $attributes );
  64. if( $attributes[1] )
  65. {
  66. foreach( $attributes[1] as $att_key => $att )
  67. {
  68. $literal = $attributes[0][$att_key];
  69. $attribute_name = $attributes[1][$att_key];
  70. $value = $attributes[2][$att_key];
  71. $atts[] = array( 'literal' => $literal, 'name' => $attribute_name, 'value' => $value );
  72. }
  73. }
  74. else
  75. $node['attributes'] = null;
  76. $node['attributes'] = $atts;
  77. unset( $atts );
  78. }
  79. return $nodes;
  80. }
  81. private function removeAttributes( $nodes )
  82. {
  83. # Remove unwanted attributes
  84. foreach( $nodes as $node )
  85. {
  86. # Check if node has any attributes to be kept
  87. $node_name = $node['name'];
  88. $new_attributes = '';
  89. if( is_array( $node['attributes'] ) )
  90. {
  91. foreach( $node['attributes'] as $attribute )
  92. {
  93. if( ( is_array( $this->allow ) && in_array( $attribute['name'], $this->allow ) ) || $this->isException( $node_name, $attribute['name'], $this->exceptions ) )
  94. $new_attributes = $this->createAttributes( $new_attributes, $attribute['name'], $attribute['value'] );
  95. }
  96. }
  97. $replacement = ( $new_attributes ) ? "" : "";
  98. $this->str = preg_replace( '/'. reg_escape( $node['literal'] ) .'/', $replacement, $this->str );
  99. }
  100. }
  101. private function isException( $element_name, $attribute_name, $exceptions )
  102. {
  103. if( array_key_exists($element_name, $this->exceptions) )
  104. {
  105. if( in_array( $attribute_name, $this->exceptions[$element_name] ) )
  106. return true;
  107. }
  108. return false;
  109. }
  110. private function createAttributes( $new_attributes, $name, $value )
  111. {
  112. if( $new_attributes )
  113. $new_attributes .= " ";
  114. $new_attributes .= "$name=\"$value\"";
  115. return $new_attributes;
  116. }
  117. }
  118. ?>
复制代码

调用实例:

  1. $str = 'Here is some sample html that is getting broken php写的设置过滤及保留属性的类 ';
  2. $sa = new cleanHtml;
  3. $sa->allow = array( 'id' );
  4. $sa->exceptions = array(
  5. 'img' => array( 'src', 'alt' ),
  6. 'a' => array( 'href', 'title' ),
  7. 'iframe'=>array('src','frameborder'),
  8. );
  9. echo $str = $sa->strip( $str );
  10. ?>
复制代码


Stellungnahme:
Der Inhalt dieses Artikels wird freiwillig von Internetnutzern beigesteuert und das Urheberrecht liegt beim ursprünglichen Autor. Diese Website übernimmt keine entsprechende rechtliche Verantwortung. Wenn Sie Inhalte finden, bei denen der Verdacht eines Plagiats oder einer Rechtsverletzung besteht, wenden Sie sich bitte an admin@php.cn