Home  >  Article  >  php教程  >  php 过滤危险html代码

php 过滤危险html代码

WBOY
WBOYOriginal
2016-06-13 12:22:57917browse

#用户发布的html,过滤危险代码

复制代码 代码如下:


function uh($str)
{
$farr = array(
"/\s+/", //过滤多余的空白
"/]*?)>/isU", //过滤 <script>"/(<[^>]*)on[a-zA-Z]+\s*=([^>]*>)/isU", //过滤javascript的on事件 <BR>); <BR>$tarr = array( <BR>" ", <BR>"<\\1\\2\\3>", //如果要直接清除不安全的标签,这里可以留空 <BR>"\\1\\2", <BR>); <BR>$str = preg_replace( $farr,$tarr,$str); <BR>return $str; <BR>} <BR></script>

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn