Filter HTML online editors to generate harmful code

Some powerful online editors already include code sorting and filtering functions, but js processing can be easily ignored. The server must filter again. It took a few days I took some time and wrote part of it. I hope it will be of some use to everyone. My ability is limited, so I would like to ask capable friends to complete it.



/*Array that does not require filtering*/
$htm_on=array(
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"font");

$htm_on_uper=array(
"",
"",
"< BUTTON","BUTTON>",
"",
"",
"",
"",
"",
"",
"",
"",
"",
"FONT");

/* Character format*/
$str=strtolower($str);
$str=preg_replace("//s+/", " ", $str);//Filter carriage return
$str=preg_replace ("/ +/", " ", $str);//Filter multiple spaces

/*Filter/replace several forms of js*/
$str=preg_replace("/< (script.*?)>(.*?)<(//script.*?)>/si","",$str);//Delete <script>. . . </script>Format,
//$str=preg_replace("/<(script.*?)>(.*?)<(//script.*?)>/si", "//2",$str);//Replace with something that can be displayed,

$str=preg_replace("/<(script.*?) >/si","",$str);//Delete

• Summary of Html knowledge
• How to learn HTML quickly
• The difference between html xhtml xml
• The difference between src and href attributes
• About HTML5 and CSS replacement use