Home > Article > Backend Development > php中过滤html代码的函数 提高程序安全性_PHP
php中过滤html代码的函数 提高程序安全性_PHP
- WBOYOriginal
- 2016-06-01 12:20:43822browse
用PHP过滤html里可能被利用来引入外部危险内容的代码。有些时候,需要让用户提交html内容,以便丰富用户发布的信息,当然,有些可能造成显示页面布局混乱的代码也在过滤范围内。
以下为过滤HTML代码的函数:
| function ihtmlspecialchars($string) { if(is_array($string)) { foreach($string as $key => $val) { $string[$key] = ihtmlspecialchars($val); } } else { $string = preg_replace('/&((#(\d{3,5}|x[a-fA-F0-9]{4})|[a-zA-Z][a-z0-9]{2,5});)/', '&\\1', str_replace(array('&', '"', ''), array('&', '"', '<', '>'), $string)); } return $string; } |
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:PHP新手教程: clearstatcache() 函数详解_PHPNext article:PHP中用set_time_limit(0)长连接的实现_PHP