Maison > Article > développement back-end > php 恶意代码过滤函数_PHP教程
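' DecodeFilter: strips selected HTML constructs from a fragment using regex rules.
'
'   html   - the HTML text to clean. It is lower-cased first, so the returned
'            text loses its original letter case.
'   filter - comma-separated rule names, e.g. "SCRIPT,OBJECT,ONCLICK".
'            Names are trimmed and matched case-insensitively.
'   Returns the filtered, lower-cased HTML.
'
' Depends on exeRE, which is defined elsewhere; presumably
' exeRE(pattern, replacement, text) performs a global regex replace - confirm.
'
' NOTE(review): the page this listing came from had its "<"-bearing pattern
' fragments removed by HTML extraction (e.g. "?script[^>]*>", "(]+) class=").
' The patterns below are reconstructed from the parallel rules in the listing;
' the XML and NAMESPACE patterns survived only as "]*>" and are a best guess.
' Verify all of them against the original source before relying on this.
'
' Security caveat: this is a deny-list. It removes only the constructs named
' here, in a single pass, and only the rules the caller asks for. Event
' handlers and URL schemes that are not listed are left in place, so it must
' not be the only defence for untrusted markup. Encode on output, or use an
' allow-list sanitizer that parses the HTML.
Public Function DecodeFilter(html, filter)
    Dim ruleNames, ruleName

    html = LCase(html)
    ' Keep the split result in a local. VBScript passes arguments ByRef by
    ' default, so assigning the array to "filter" would overwrite the caller's
    ' string and break a second call with the same variable.
    ruleNames = Split(filter, ",")

    For Each ruleName In ruleNames
        Select Case UCase(Trim(ruleName))
            Case "SCRIPT" ' client-side script: script URL schemes, <script> tags, some on* handlers
                html = exeRE("(javascript|jscript|vbscript|vbs):", "#", html)
                ' Removes the tags only; text between <script> and </script> stays in the output.
                html = exeRE("</?script[^>]*>", "", html)
                ' Matches these substrings anywhere, including inside ordinary text.
                html = exeRE("on(mouse|exit|error|click|key)", "", html)
            Case "TABLE" ' table markup
                html = exeRE("</?table[^>]*>", "", html)
                html = exeRE("</?tr[^>]*>", "", html)
                html = exeRE("</?th[^>]*>", "", html)
                html = exeRE("</?td[^>]*>", "", html)
                html = exeRE("</?tbody[^>]*>", "", html)
            Case "CLASS" ' class attributes
                html = exeRE("(<[^>]+) class=[^ |^>]*([^>]*>)", "$1 $2", html)
            Case "STYLE" ' inline style attributes, double- and single-quoted
                html = exeRE("(<[^>]+) style=""[^""]*""([^>]*>)", "$1 $2", html)
                html = exeRE("(<[^>]+) style='[^']*'([^>]*>)", "$1 $2", html)
            Case "IMG" ' images
                html = exeRE("</?img[^>]*>", "", html)
            Case "XML" ' XML declarations (pattern reconstructed - verify)
                html = exeRE("<\?xml[^>]*>", "", html)
            Case "NAMESPACE" ' namespace-prefixed tags (pattern reconstructed - verify)
                html = exeRE("</?[a-z]+:[^>]*>", "", html)
            Case "FONT" ' font tags; this rule also strips a, span and br tags
                html = exeRE("</?font[^>]*>", "", html)
                html = exeRE("</?a[^>]*>", "", html)
                html = exeRE("</?span[^>]*>", "", html)
                html = exeRE("</?br[^>]*>", "", html)
            Case "MARQUEE" ' marquee tags
                html = exeRE("</?marquee[^>]*>", "", html)
            Case "OBJECT" ' object and param tags; embed is handled by the EMBED rule
                html = exeRE("</?object[^>]*>", "", html)
                html = exeRE("</?param[^>]*>", "", html)
                'html = exeRE("</?embed[^>]*>", "", html)
            Case "EMBED" ' embed tags
                html = exeRE("</?embed[^>]*>", "", html)
            Case "DIV" ' div and p tags
                ' NOTE(review): "$1" re-inserts whatever group 1 last captured, which
                ' looks like the final character before ">". Confirm that "" was not intended.
                html = exeRE("</?div([^>])*>", "$1", html)
                html = exeRE("</?p([^>])*>", "$1", html)
            Case "ONLOAD" ' quoted onload handlers
                html = exeRE("(<[^>]+) onload=""[^""]*""([^>]*>)", "$1 $2", html)
                html = exeRE("(<[^>]+) onload='[^']*'([^>]*>)", "$1 $2", html)
            Case "ONCLICK" ' quoted onclick handlers
                html = exeRE("(<[^>]+) onclick=""[^""]*""([^>]*>)", "$1 $2", html)
                html = exeRE("(<[^>]+) onclick='[^']*'([^>]*>)", "$1 $2", html)
            Case "ONDBCLICK", "ONDBLCLICK" ' quoted double-click handlers
                ' The attribute is spelled "ondblclick"; the listing searched for
                ' "ondbclick" and so never matched it. The legacy rule name
                ' "ONDBCLICK" is still accepted for existing callers.
                html = exeRE("(<[^>]+) ondblclick=""[^""]*""([^>]*>)", "$1 $2", html)
                html = exeRE("(<[^>]+) ondblclick='[^']*'([^>]*>)", "$1 $2", html)
        End Select
    Next

    ' The listing had a commented-out Replace(html, ...) call here; its
    ' arguments were lost in extraction, so it is not reproduced.
    DecodeFilter = html
End Function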