Content filtering is mostly intended to prevent some security injection or cross-origin operations. Let's take a look at several simple anti-injection content filtering program codes that I have compiled. I hope the article will be helpful to you.
Method 1: Filter useless content
You can find other filtering methods on the Internet:
The Code is as follows: |
Copy code |
Function checkHtml ($ data ){ $ Ret = preg_match ("/['.,:;*?~ '! @ # $ % ^ & + =) (<>{}] | [|/| \ | "|/", $ Data ); If ($ ret = 1 ){ Return false; exit; } Else { Return true; } } |
Example 2 filter some html tags
The Code is as follows: |
Copy code |
Function uh ($ str) { $ Farr = array ( "/S +/", // filter unnecessary Spaces "/<(/?) (Scripti? Framestylehtmlbodytitlelinkmeta? %) ([^>] *?)> /IsU ", // filter <script and other code that may introduce malicious content or maliciously change the display layout. If you do not need to insert flash, you can also add <object Filtering "/(<[^>] *) On [a-zA-Z] + s * = ([^>] *>)/isU ", // filter javascript on events ); $ Tarr = array ( "", "<\ 1 \ 2 \ 3>", // If You Want To directly clear insecure labels, leave it blank. "\ 1 \ 2 ", ); $ Str = preg_replace ($ farr, $ tarr, $ str ); Return $ str; }
|
Method 3: The above two methods put the content to be filtered in the program. Below I will put the content to be filtered in a txt text, the first time I read the file content for judgment, this facilitates the maintenance of the content to be filtered.
The Code is as follows: |
Copy code |
<? Php If ($ _ POST) { // You can convert the file content to an array: /* $ Fcon = file_get_contents ("./filter.txt "); $ Filter_word = explode ("n", $ fcon ); */ $ Filter_word = file ("./filter.txt "); // $ Filter_word = array ("test1", "test2", "test3", "test4 "); $ Str = $ _ POST ["mess"]; For ($ I = 0; $ I <count ($ filter_word); $ I ++) { If (preg_match ("/". (trim ($ filter_word [$ I]). "/I", $ str )) { Echo "<script> alert ('the content you entered contains illegal content. Please try again! '); </Script> "; Echo "<a href = 'index. php'> return </a> "; Exit; } } Echo "the content you entered is:". $ str; } ?> <H2> test whether the filter is effective: <Form action = "<? Php echo $ _ SERVER ['php _ SELF '];?> "Method =" post "> <P> <textarea name = "mess" cols = "40" rows = "4"> </textarea> </p> <P> <input type = "submit" name = "sub" value = "send"> </p> </Form> |