Home > Article > Backend Development > PHP filters unsafe html_PHP tutorial
PHP filters unsafe html_PHP tutorial
- WBOYOriginal
- 2016-07-13 17:09:13686browse
php filters unsafe html Use PHP to filter code in html that may be exploited to introduce external dangerous content. Sometimes, users need to submit html content,
In order to enrich the information posted by users, of course, some codes that may cause confusion in the display page layout are also included in the filtering scope.
The following is a quote:
#HTML posted by users, filter dangerous codes
function uh($str)
{
$farr = array(
"/s+/",
//Filter out excess whitespace
"/<(/?)(script|i?frame|style|html|body|title|link|meta|?|%)([^>]*?)>/isU",
//Filter
To add filtering of
"/(<[^>]*)on[a-zA-Z]+s*=([^>]*>)/isU",
//Filter the on event of javascript
);
$tarr = array(
" ",
"<\1\2\3>", //If you want to directly clear unsafe tags, you can leave this blank
"\1\2",
);
$str = preg_replace( $farr,$tarr,$str);
}
http://www.bkjia.com/PHPjc/629758.html