
PHP malicious code filtering function_PHP tutorial

WBOY | Original | 2016-07-13 17:09:20 | 1122 views

php malicious code filtering function

Public Function DecodeFilter(html, filter)
    Dim i
    html = LCase(html)
    filter = Split(filter, ",")
    For Each i In filter
        Select Case i
            Case "SCRIPT"      ' Remove all client scripts: JavaScript, VBScript, JScript, JS, VBS, event, ...
                html = exeRE("</?script[^>]*>", "", html)
            Case "TABLE"       ' Remove table markup
                html = exeRE("</?table[^>]*>", "", html)
                html = exeRE("</?tr[^>]*>", "", html)
                html = exeRE("</?th[^>]*>", "", html)
                html = exeRE("</?td[^>]*>", "", html)
                html = exeRE("</?tbody[^>]*>", "", html)
            Case "CLASS"       ' Remove the style class attribute class=""
                html = exeRE("(<[^>]+) class=[^ |^>]*([^>]*>)", "$1 $2", html)
            Case "STYLE"       ' Remove the inline style attribute style=""
                html = exeRE("(<[^>]+) style=""[^""]*""([^>]*>)", "$1 $2", html)
                html = exeRE("(<[^>]+) style='[^']*'([^>]*>)", "$1 $2", html)
            Case "IMG"         ' Remove images <img>
                html = exeRE("</?img[^>]*>", "", html)
            Case "XML"         ' Remove XML declarations <?xml>
                html = exeRE("<\?xml[^>]*>", "", html)
            Case "NAMESPACE"   ' Remove namespace-prefixed tags
                html = exeRE("</?[a-z]+:[^>]*>", "", html)
            Case "FONT"        ' Remove the font <font></font>, plus <a>, <span> and <br>
                html = exeRE("</?font[^>]*>", "", html)
                html = exeRE("</?a[^>]*>", "", html)
                html = exeRE("</?span[^>]*>", "", html)
                html = exeRE("</?br[^>]*>", "", html)
            Case "MARQUEE"     ' Remove marquees <marquee></marquee>
                html = exeRE("</?marquee[^>]*>", "", html)
            Case "OBJECT"      ' Remove objects <object></object>
                html = exeRE("</?object[^>]*>", "", html)
                'html = exeRE("]*>", "", html)
            Case "EMBED"       ' Remove <embed>
                html = exeRE("</?embed[^>]*>", "", html)
            Case "DIV"         ' Remove <div> and <p> tags
                html = exeRE("</?div[^>]*>", "", html)
                html = exeRE("</?p[^>]*>", "", html)
            Case "ONLOAD"      ' Remove onload handlers
                html = exeRE("(<[^>]+) onload=""[^""]*""([^>]*>)", "$1 $2", html)
                html = exeRE("(<[^>]+) onload='[^']*'([^>]*>)", "$1 $2", html)
            Case "ONCLICK"     ' Remove onclick handlers
                html = exeRE("(<[^>]+) onclick=""[^""]*""([^>]*>)", "$1 $2", html)
                html = exeRE("(<[^>]+) onclick='[^']*'([^>]*>)", "$1 $2", html)
            Case "ONDBCLICK"   ' Remove ondblclick handlers (the filter keyword keeps the spelling ONDBCLICK)
                html = exeRE("(<[^>]+) ondblclick=""[^""]*""([^>]*>)", "$1 $2", html)
                html = exeRE("(<[^>]+) ondblclick='[^']*'([^>]*>)", "$1 $2", html)
        End Select
    Next
    'html = Replace(html,"
    'html = Replace(html,"
    'html = Replace(html,"
    DecodeFilter = html
End Function
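
The function above calls exeRE(pattern, replacement, text) but the page never defines it. The block below is an added example, not code from the original page: exeRE is an assumed implementation built on the VBScript RegExp object, and RemainingHandlers and the sample markup are hypothetical, constructed to check which on* event-handler attributes survive one of the page's onclick rules.

```vbscript
Option Explicit

' Assumed implementation of the exeRE helper the page calls but does not define.
Function exeRE(pattern, replacement, text)
    Dim re
    Set re = New RegExp
    re.Pattern = pattern
    re.Global = True          ' replace every match, not only the first
    re.IgnoreCase = True
    exeRE = re.Replace(text, replacement)
End Function

' Hypothetical audit helper: returns a comma-separated list of every on*
' event-handler attribute name still present inside any tag of html.
Function RemainingHandlers(html)
    Dim tagRe, attrRe, tagMatch, attrMatch, found
    Set tagRe = New RegExp
    tagRe.Pattern = "<[^>]+>"                 ' one match per tag
    tagRe.Global = True
    Set attrRe = New RegExp
    attrRe.Pattern = "\s(on[a-z]+)\s*="       ' attribute names starting with "on"
    attrRe.Global = True
    attrRe.IgnoreCase = True
    found = ""
    For Each tagMatch In tagRe.Execute(html)
        For Each attrMatch In attrRe.Execute(tagMatch.Value)
            If found <> "" Then found = found & ","
            found = found & attrMatch.SubMatches(0)
        Next
    Next
    RemainingHandlers = found
End Function

' Constructed sample input (not taken from the page).
Dim sample, cleaned
sample = "<p onclick=""a()"" onmouseover=""b()"">text</p>"

' Apply the double-quoted onclick rule from the ONCLICK case.
cleaned = exeRE("(<[^>]+) onclick=""[^""]*""([^>]*>)", "$1 $2", sample)

WScript.Echo "Filtered: " & cleaned
WScript.Echo "Handlers still present: " & RemainingHandlers(cleaned)
```

Run it with cscript. Any name it reports is a handler that the named-attribute rules did not cover, which is the gap to watch for when a filter lists attributes one by one.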
