
PHP implements filtering various HTML tags_PHP tutorial

WBOY
Release: 2016-07-13 09:53:53

PHP implements filtering of various HTML tags

When building a project, we often need to filter certain HTML tags to improve data security. In practice this means deleting data that is potentially harmful to the application: stripping tags and removing or encoding unwanted characters.

First, some common filters:

$str=preg_replace("/<img[^>]*?src\s*=\s*('|\")(.*?)\\1[^>]*?\/?\s*>/i","",$str); //Filter img tags
$str=preg_replace("/\s+/"," ",$str); //Collapse redundant whitespace and carriage returns into one space
$str=preg_replace("/<[ ]+/si","<",$str); //Remove spaces directly after "<"
$str=preg_replace("/<!--.*?-->/si","",$str); //Filter comments
$str=preg_replace("/<(!.*?)>/si","",$str); //Filter DOCTYPE
$str=preg_replace("/<(\/?html.*?)>/si","",$str); //Filter html tags
$str=preg_replace("/<(\/?head.*?)>/si","",$str); //Filter head tags
$str=preg_replace("/<(\/?meta.*?)>/si","",$str); //Filter meta tags
$str=preg_replace("/<(\/?body.*?)>/si","",$str); //Filter body tags
$str=preg_replace("/<(\/?link.*?)>/si","",$str); //Filter link tags
$str=preg_replace("/<(\/?form.*?)>/si","",$str); //Filter form tags
$str=preg_replace("/cookie/si","COOKIE",$str); //Rewrite "cookie" (any case) as "COOKIE"
$str=preg_replace("/<(applet.*?)>(.*?)<(\/applet.*?)>/si","",$str); //Filter applet elements together with their contents
$str=preg_replace("/<(\/?applet.*?)>/si","",$str); //Filter leftover applet tags
$str=preg_replace("/<(style.*?)>(.*?)<(\/style.*?)>/si","",$str); //Filter style elements together with their contents
$str=preg_replace("/<(\/?style.*?)>/si","",$str); //Filter leftover style tags
$str=preg_replace("/<(title.*?)>(.*?)<(\/title.*?)>/si","",$str); //Filter title elements together with their contents
$str=preg_replace("/<(\/?title.*?)>/si","",$str); //Filter leftover title tags
$str=preg_replace("/<(object.*?)>(.*?)<(\/object.*?)>/si","",$str); //Filter object elements together with their contents
$str=preg_replace("/<(\/?object.*?)>/si","",$str); //Filter leftover object tags
$str=preg_replace("/<(noframes.*?)>(.*?)<(\/noframes.*?)>/si","",$str); //Filter noframes elements together with their contents
$str=preg_replace("/<(\/?noframes.*?)>/si","",$str); //Filter leftover noframes tags
$str=preg_replace("/<(i?frame.*?)>(.*?)<(\/i?frame.*?)>/si","",$str); //Filter frame and iframe elements together with their contents
$str=preg_replace("/<(\/?i?frame.*?)>/si","",$str); //Filter leftover frame and iframe tags
$str=preg_replace("/<(script.*?)>(.*?)<(\/script.*?)>/si","",$str); //Filter script elements together with their contents
$str=preg_replace("/<(\/?script.*?)>/si","",$str); //Filter leftover script tags
$str=preg_replace("/javascript/si","Javascript",$str); //Rewrite "javascript" (any case) as "Javascript"
$str=preg_replace("/vbscript/si","Vbscript",$str); //Rewrite "vbscript" (any case) as "Vbscript"
$str=preg_replace("/on([a-z]+)\s*=/si","On\\1=",$str); //Rewrite event-handler attribute names, e.g. onclick= becomes Onclick=
$str=preg_replace("//si","",$str); //Filter script tags

A simpler way of writing:


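function delhtml($str){ //Remove HTML tags
    $st=-1; //Start position of the most recent "<"
    $et=-1; //End position of the most recent ">"
    $stmp=array(); //Substrings to delete from the input
    $stmp[]="&nbsp;"; //Also delete the non-breaking space entity
    $len=strlen($str);
    for($i=0;$i<$len;$i++){
        $ss=substr($str,$i,1);
        if(ord($ss)==60){ //ord("<")==60
            $st=$i;
        }
        if(ord($ss)==62){ //ord(">")==62
            $et=$i;
            if($st!=-1){
                $stmp[]=substr($str,$st,$et-$st+1); //Everything from "<" to ">" inclusive
            }
        }
    }
    $str=str_replace($stmp,"",$str);
    return $str;
}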

One more:

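function clear_html_label($html)
{
    $search = array (
        "'<script[^>]*?>.*?</script>'si", //Strip script blocks together with their contents
        "'<[/!]*?[^<>]*?>'si", //Strip the remaining HTML tags
        "'([\r\n])[\s]+'", //Collapse whitespace that follows a line break
        "'&(quot|#34);'i", //Decode common HTML entities
        "'&(amp|#38);'i",
        "'&(lt|#60);'i",
        "'&(gt|#62);'i",
        "'&(nbsp|#160);'i",
        "'&(iexcl|#161);'i",
        "'&(cent|#162);'i",
        "'&(pound|#163);'i",
        "'&(copy|#169);'i"
    );
    $replace = array ("", "", "\\1", "\"", "&", "<", ">", " ", chr(161), chr(162), chr(163), chr(169));
    $html = preg_replace($search, $replace, $html);
    //The /e modifier (evaluate the replacement as PHP code) was removed in PHP 7.0,
    //so numeric entities are decoded with a callback instead of "'&#(\d+);'e" => "chr(\\1)"
    return preg_replace_callback("'&#(\d+);'", function ($m) { return chr((int)$m[1]); }, $html);
}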


All three methods above work, but each has its own advantages and disadvantages. Choose according to the needs of your own project.
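The three filters above are deny-lists: any tag or attribute they do not name passes through unchanged. As a contrast, this added example (not from the original article) parses the input with DOMDocument and keeps only an allowlist of tags and attributes; the function name, the constant names and the contents of the lists are assumptions chosen for illustration.

```php
<?php
// Added example, not the article's code; the lists and function name are illustrative.
const ALLOWED_TAGS  = ['p', 'br', 'b', 'i', 'em', 'strong', 'ul', 'ol', 'li', 'a'];
const ALLOWED_ATTRS = ['a' => ['href']];
// Elements removed together with their contents (the same ones the article deletes whole).
const DROP_WHOLE = ['script', 'style', 'title', 'object', 'applet', 'noframes', 'iframe', 'frame'];

function filter_html_allowlist(string $html): string
{
    $doc  = new DOMDocument();
    $prev = libxml_use_internal_errors(true);          // tolerate malformed markup
    $doc->loadHTML('<?xml encoding="UTF-8">' . $html, LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($prev);
    $body = $doc->getElementsByTagName('body')->item(0);
    if ($body === null) { return ''; }

    foreach (iterator_to_array((new DOMXPath($doc))->query('//comment()')) as $comment) {
        $comment->parentNode->removeChild($comment);
    }
    // Snapshot the live node list and walk it backwards: children before parents.
    foreach (array_reverse(iterator_to_array($body->getElementsByTagName('*'))) as $el) {
        $tag = strtolower($el->nodeName);
        if (in_array($tag, DROP_WHOLE, true)) {
            $el->parentNode->removeChild($el);
        } elseif (!in_array($tag, ALLOWED_TAGS, true)) {
            while ($el->firstChild) {                  // unwrap: keep the text, drop the tag
                $el->parentNode->insertBefore($el->firstChild, $el);
            }
            $el->parentNode->removeChild($el);
        } else {
            foreach (iterator_to_array($el->attributes) as $attr) {
                $keep = in_array($attr->nodeName, ALLOWED_ATTRS[$tag] ?? [], true);
                if ($keep && $attr->nodeName === 'href') {   // links: explicit schemes only
                    $keep = preg_match('#^(https?://|mailto:)#i', trim($attr->value)) === 1;
                }
                if (!$keep) { $el->removeAttribute($attr->nodeName); }
            }
        }
    }
    $out = '';
    foreach ($body->childNodes as $child) { $out .= $doc->saveHTML($child); }
    return $out;
}

// Constructed sample input.
echo filter_html_allowlist('<p class="x">Hi <a href="https://example.com" id="l">link</a></p><div>text</div>'), "\n";
```

If no markup needs to survive at all, encoding the whole value with htmlspecialchars() at output time is simpler than any tag filter.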

source:php.cn