php filter unsafe character function
function uh($str)
{
$farr = array(
"/s+/",//Filter excess whitespace
"/<(/?)(script|i?frame|style|html|body|title|link|meta|?|%)([^>]*?)>/isU",//Filter< ;script and other code that may introduce malicious content or maliciously change the display layout. If you don’t need to insert flash, etc., you can also add
"/(<[^>]*)on[a-zA-Z]+s*=([^>]*>)/isU",//Filter JavaScript on event
);
$tarr = array(
" ",
"<\1\2\3>", //If you want to directly clear unsafe tags, you can leave it blank here
"\1\2",
);
$str = preg_replace($farr,$tarr,$str);
Return $str;