php HtmlReplace input filtering security function example code

HtmlReplace replaces the contents of all HTML files or selected HTML files in a directory with the contents of the specified file. This is particularly useful for batch changes to the same content of web pages (such as menu bars).

This replacement function can filter some security input by the user to prevent users from submitting unsafe code.

// $rptype = 0 表示仅替换 html标记 
// $rptype = 1 表示替换 html标记同时去除连续空白字符 
// $rptype = 2 表示替换 html标记同时去除所有空白字符 
// $rptype = -1 表示仅替换 html危险的标记 
function HtmlReplace($str,$rptype=0) 
{ 
$str = stripslashes($str); 
if($rptype==0) 
{ 
$str = htmlspecialchars($str); 
} 
else if($rptype==1) 
{ 
$str = htmlspecialchars($str); 
$str = str_replace(" ",' ',$str); 
$str = ereg_replace("[rnt ]{1,}",' ',$str); 
} 
else if($rptype==2) 
{ 
$str = htmlspecialchars($str); 
$str = str_replace(" ",'',$str); 
$str = ereg_replace("[rnt ]",'',$str); 
} 
else 
{ 
$str = ereg_replace("[rnt ]{1,}",' ',$str); 
$str = eregi_replace('script','ｓｃｒｉｐｔ',$str); 
$str = eregi_replace("<[/]{0,1}(link|meta|ifr|fra)[^>]*>",&#39;&#39;,$str); 
} 
return addslashes($str); 
}

The above is the detailed content of php HtmlReplace input filtering security function example code. For more information, please follow other related articles on the PHP Chinese website!