PHP过滤HTML标签的三种方法-php手册-php.cn

Rumah

php教程

php手册

PHP过滤HTML标签的三种方法

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Oct 28, 2016 pm 03:03 PM

在做项目的过程中，我们经常需要用到过滤一些html标签来实现提高数据的安全性，其实就是删除那些对应用程序有潜在危害的数据。它用于去除标签以及删除或编码不需要的字符。
首先分享一些比较常见的

<span style="color: #800080">$str</span>=<span style="color: #008080">preg_replace</span>("/<s>]*?srcs*=s*('|")(.*?)\1[^>]*?/?s*>/i","", <span style="color: #800080">$str</span><span style="color: #000000">); //过滤img标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/s+/","", <span style="color: #800080">$str</span><span style="color: #000000">); //过滤多余回车  
   
</span><span style="color: #800080">$str</span>=preg_replace("/$str); //过滤<__ style="color: #000000">号后面带空格)  
   
<span style="color: #800080">$str</span>=preg_replace("/<!--.*?-->/si","",<span style="color: #800080">$str</span><span style="color: #000000">); //注释  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤DOCTYPE  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤html标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤head标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤meta标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤body标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤link标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤form标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/cookie/si","COOKIE",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤COOKIE标签  
// http://www.manongjc.com/article/1345.html  
</span><span style="color: #800080">$str</span>=preg_replace("/(.*?)/si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤applet标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤applet标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/(.*?)/si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤style标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤style标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/(.*?)/si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤title标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤title标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/object.*?)>(.*?)object.*?)>/si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤object标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤object标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/(.*?)/si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤noframes标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤noframes标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/(.*?)/si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤frame标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤frame标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/(.*?)/si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤script标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("//si","",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤script标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/javascript/si","Javascript",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤script标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/vbscript/si","Vbscript",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤script标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/on([a-z]+)s*=/si","On\1=",<span style="color: #800080">$str</span><span style="color: #000000">); //过滤script标签  
   
</span><span style="color: #800080">$str</span>=preg_replace("/&<span style="color: #008000">#</span><span style="color: #008000">/si","&＃",$str); //过滤script标签  </span></__></s>

Salin selepas log masuk

更简单些的写法：

<span style="color: #0000ff">function</span> delhtml(<span style="color: #800080">$str</span>){  <span style="color: #008000">//</span><span style="color: #008000">清除html标签  </span>
<span style="color: #800080">$st</span>=-1; <span style="color: #008000">//</span><span style="color: #008000">开始  </span>
<span style="color: #800080">$et</span>=-1; <span style="color: #008000">//</span><span style="color: #008000">结束  </span>
<span style="color: #800080">$stmp</span>=<span style="color: #0000ff">array</span><span style="color: #000000">();  
</span><span style="color: #800080">$stmp</span>[]=" "<span style="color: #000000">;  
</span><span style="color: #800080">$len</span>=<span style="color: #008080">strlen</span>(<span style="color: #800080">$str</span><span style="color: #000000">);  
</span><span style="color: #0000ff">for</span>(<span style="color: #800080">$i</span>=0;<span style="color: #800080">$i</span>$len;<span style="color: #800080">$i</span>++<span style="color: #000000">){  
  </span><span style="color: #800080">$ss</span>=<span style="color: #008080">substr</span>(<span style="color: #800080">$str</span>,<span style="color: #800080">$i</span>,1<span style="color: #000000">);  
  </span><span style="color: #0000ff">if</span>(<span style="color: #008080">ord</span>(<span style="color: #800080">$ss</span>)==60){ <span style="color: #008000">//</span><span style="color: #008000">ord("
  <span style="color: #800080">$st</span>=<span style="color: #800080">$i</span><span style="color: #000000">;  
  }  
  </span><span style="color: #0000ff">if</span>(<span style="color: #008080">ord</span>(<span style="color: #800080">$ss</span>)==62){ <span style="color: #008000">//</span><span style="color: #008000">ord(">")==62  </span>
  <span style="color: #800080">$et</span>=<span style="color: #800080">$i</span><span style="color: #000000">;  
  </span><span style="color: #0000ff">if</span>(<span style="color: #800080">$st</span>!=-1<span style="color: #000000">){  
   </span><span style="color: #800080">$stmp</span>[]=<span style="color: #008080">substr</span>(<span style="color: #800080">$str</span>,<span style="color: #800080">$st</span>,<span style="color: #800080">$et</span>-<span style="color: #800080">$st</span>+1<span style="color: #000000">);  
  }  
  }  
}  
</span><span style="color: #800080">$str</span>=<span style="color: #008080">str_replace</span>(<span style="color: #800080">$stmp</span>,"",<span style="color: #800080">$str</span><span style="color: #000000">);  
</span><span style="color: #0000ff">return</span> <span style="color: #800080">$str</span><span style="color: #000000">;  
} </span></span>

Salin selepas log masuk

再来一个：

<span style="color: #0000ff">function</span> clear_html_label(<span style="color: #800080">$html</span><span style="color: #000000">)   
{   
</span><span style="color: #800080">$search</span> = <span style="color: #0000ff">array</span> ("'<script>]*?>.*?</script>'si", "']*?>'si", "'([rn])[s]+'", "'&(quot|#34);'i", "'&(amp|#38);'i", "'&(lt|#60);'i", "'&(gt|#62);'i", "'&(nbsp|#160);'i", "'&(iexcl|#161);'i", "'&(cent|#162);'i", "'&(pound|#163);'i", "'&(copy|#169);'i", "'(d+);'e"<span style="color: #000000">);   
</span><span style="color: #800080">$replace</span> = <span style="color: #0000ff">array</span> ("", "", "1", """, "&", "", " ", chr(161), chr(162), chr(163), chr(169), "<span style="color: #008080">chr</span>(1)"<span style="color: #000000">);  
return preg_replace(</span><span style="color: #800080">$search</span>, <span style="color: #800080">$replace</span>, <span style="color: #800080">$html</span><span style="color: #000000">);   
}  </span>

Salin selepas log masuk

Kenyataan Laman Web ini

Kandungan artikel ini disumbangkan secara sukarela oleh netizen, dan hak cipta adalah milik pengarang asal. Laman web ini tidak memikul tanggungjawab undang-undang yang sepadan. Jika anda menemui sebarang kandungan yang disyaki plagiarisme atau pelanggaran, sila hubungi admin@php.cn