When developing a PHP website, there are many places where input and output need to be escaped. Below are several recommended helper functions for standardizing how a site handles input and output.
1. Plain-text output, suitable for input fields
/**
 * Reduce $text to plain text for output.
 *
 * The value is passed through h() first and the result through strip_tags(),
 * so any markup that h() leaves in place is removed as well.
 *
 * NOTE(review): strip_tags() removes tags but is not an output encoder. If the
 * result is written into an HTML attribute such as an input's value, encode it
 * at the point of output (htmlspecialchars() with ENT_QUOTES).
 *
 * @param string $text Raw text.
 * @return string The text after h() and strip_tags().
 */
function t($text)
{
    return strip_tags(h($text));
}
2. Multi-line plain-text output, suitable for textarea content
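/**
 * Encode multi-line plain text for HTML output.
 *
 * HTML special characters are encoded, a <br /> is inserted before each
 * newline by nl2br(), and the result is trimmed.
 *
 * @param string $text Raw, possibly multi-line text.
 * @return string Encoded text with HTML line breaks.
 */
function text($text)
{
    // ENT_QUOTES is passed explicitly: before PHP 8.1 the default flags left
    // single quotes unencoded, which matters when the result ends up inside a
    // single-quoted attribute.
    $encoded = htmlspecialchars($text, ENT_QUOTES);

    // NOTE(review): as printed, the search and replacement strings are the
    // same, so this call changes nothing. Presumably the replacement was an
    // HTML entity that was decoded when the page was rendered - confirm
    // against the original source.
    $encoded = str_replace(' ', ' ', $encoded);

    return trim(nl2br($encoded));
}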
3. Convert HTML line breaks (&lt;br&gt;) back to plain line breaks.
/**
 * Remove <br> tags from $text and trim the result.
 *
 * The pattern is case-insensitive and accepts optional whitespace and an
 * optional self-closing slash before the closing bracket. The tag is deleted
 * rather than replaced with "\n": nl2br() keeps the newline characters it
 * annotates, so deleting the tags from nl2br() output leaves the original
 * line breaks in place.
 *
 * @param string $text Text that may contain <br> tags.
 * @return string Text without <br> tags, trimmed.
 */
function br2nl($text)
{
    // Kept as two concatenated literals, as in the original; presumably so
    // that the "?>" sequence never appears verbatim in the source file.
    $brPattern = '/<br\\s*\/?'.'>/i';
    $withoutBreaks = preg_replace($brPattern, '', $text);

    return trim($withoutBreaks);
}
4. Output safe HTML
// h(): intended to return "safe" HTML from $text by running it through a chain of
// trim/stripslashes/preg_replace/str_replace passes (see the inline // markers):
// drop HTML comments, PHP open/close tags and script elements; rewrite <br>, the
// listed single tags (hr|img|input|area|isindex) and matched tag pairs into
// [bracket] form; delete the listed structural tags; cut the listed event/lang
// attributes and the listed scheme/object keywords out of tags; convert whatever
// <, > and " remain; then turn the bracket form back into angle brackets.
//
// NOTE(review): as printed this is not runnable PHP - there is whitespace after "$"
// and inside the patterns, "$ Text" differs in case from "$ text" (PHP variable
// names are case-sensitive), and some parentheses are unbalanced. Restore it from
// the original source rather than from this listing.
// NOTE(review): several str_replace() calls show the same search and replacement
// string; presumably the replacement was an HTML entity that was decoded when the
// page was rendered - confirm before relying on them.
// NOTE(review): stripslashes() is applied unconditionally, so backslashes that are
// part of the data are removed too; presumably a magic-quotes-era habit - confirm.
// NOTE(review): this is a deny-list built from regular expressions, not an HTML
// parser, and its tag, attribute and scheme lists are fixed. Treat it as legacy:
// for untrusted rich text prefer an allow-list sanitizer (e.g. HTML Purifier), and
// for plain text encode at output with htmlspecialchars() and ENT_QUOTES.
Function h ($ text) {$ text = trim ($ text); $ text = stripslashes ($ text); // fully filter comments $ text = preg_replace ('/<! --?. * -->/', '', $ Text); // completely filter dynamic code $ text = preg_replace ('/<\? | \? '.'>/', '', $ Text); // completely filter js $ text = preg_replace ('/<script ?. * \/Script>/', '', $ text); $ text = str_replace (' [',' [', $ text ); $ text = str_replace (']', ']', $ text); $ text = str_replace ('|', '|', $ text ); // filter the linefeed $ text = preg_replace ('/\ r? \ N/', '', $ text); // br $ text = preg_replace ('/<br (\ s \/)? '. '>/I', '[br]', $ text); $ text = preg_replace ('/(\ [br \] \ s *) {10 ,} /I ',' [br] ', $ text); // hr img area input $ text = preg_replace ('/<(hr | img | input | area | isindex) ([^> <\ [\] *)>/I ',' [\ 1 \ 2] ', $ text ); // filter excess html $ text = preg_replace ('/<\/? (Html | head | meta | link | base | body | title | style | script | form | iframe | frame | frameset) [^> <] *>/I ', '', $ text); // filter on Event lang jswhile (preg_match ('/(<[^> <] +) (lang | onfinish | onmouse | onexit | onerror | onclick | onkey | onload | onchange | onfocus | onblur) [^> <] +/I ', $ text, $ mat )) {$ text = str_replace ($ mat [0], $ mat [1], $ text);} while (preg_match ('/(<[^> <] +) (window \. | javascript: | js: | about: | file: | document \. | vbs: | cookie) ([^> <] *)/I ', $ text, $ mat) {$ text = str_replace ($ mat [0], $ mat [1]. $ mat [3], $ text);} // filter valid html tags while (preg_match ('/<([a-z] +) [^> <\ [\] *> [^> <] * <\/\ 1>/I ', $ text, $ mat )) {$ text = str_replace ($ mat [0], str_replace ('>', ']', str_replace ('<', '[', $ mat [0]), $ text);} // convert the quotation mark while (preg_match ('/(\ [^ \ [\] * = \ s *) (\ "| \') ([^ \ 2 = \ [\] +) \ 2 ([^ \ [\] * \])/I ', $ text, $ mat )) {$ text = str_replace ($ mat [0], $ mat [1]. '| '. $ mat [3]. '| '. 
$ mat [4], $ text );} // filter the incorrect single quotation mark while (preg_match ('/\ [^ \ [\] * (\ "| \') [^ \ [\] * \]/I ', $ text, $ mat) {$ text = str_replace ($ mat [0], str_replace ($ mat [1], '', $ mat [0]), $ text );} // convert all other invalid <> $ text = str_replace ('<', '<', $ text); $ text = str_replace ('>', '> ', $ text); $ text = str_replace ('"', '"', $ text); // reverse conversion $ text = str_replace ('[', '<', $ text); $ text = str_replace (']', '>', $ text); $ text = str_replace ('|', '"', $ text ); // filter extra spaces $ text = str_replace ('','', $ text); return $ text ;}
5. Filter script code
// cleanJs(): intended to strip script-related content from $text while leaving other
// markup alone. After trim() and stripslashes() it removes PHP open/close tags and
// script elements, deletes the listed structural tags (html, head, meta, link, base,
// body, title, style, script, form, iframe, frame, frameset), and then loops to cut
// the listed event/lang attributes and the listed scheme/object keywords out of tags.
//
// NOTE(review): as printed this is not runnable PHP - there is whitespace after "$"
// and inside the patterns, "$ Text" differs in case from "$ text" (PHP variable
// names are case-sensitive), and one while condition has unbalanced parentheses.
// Restore it from the original source rather than from this listing.
// NOTE(review): this is a regular-expression deny-list with fixed attribute and
// scheme lists, not an HTML parser; markup outside those lists passes through
// unchanged. Do not treat its output as safe to render: for untrusted rich text
// prefer an allow-list sanitizer (e.g. HTML Purifier).
Function cleanJs ($ text) {$ text = trim ($ text); $ text = stripslashes ($ text ); // completely filter dynamic code $ text = preg_replace ('/<\? | \? '.'>/', '', $ Text); // completely filter js $ text = preg_replace ('/<script ?. * \/Script>/', '', $ text); // filter excess html $ text = preg_replace ('/<\/? (Html | head | meta | link | base | body | title | style | script | form | iframe | frame | frameset) [^> <] *>/I ', '', $ text); // filter on Event lang jswhile (preg_match ('/(<[^> <] +) (lang | onfinish | onmouse | onexit | onerror | onclick | onkey | onload | onchange | onfocus | onblur) [^> <] +/I ', $ text, $ mat )) {$ text = str_replace ($ mat [0], $ mat [1], $ text);} while (preg_match ('/(<[^> <] +) (window \. | javascript: | js: | about: | file: | document \. | vbs: | cookie) ([^> <] *)/I ', $ text, $ mat) {$ text = str_replace ($ mat [0], $ mat [1]. $ mat [3], $ text);} return $ text ;}
6. Display plain text in the editor
/**
 * Prepare stored text for display as plain text in an editor.
 *
 * Applies the space replacement, removes <br> tags via br2nl(), and trims.
 *
 * @param string $text Stored text.
 * @return string Text for the editor.
 */
function et($text)
{
    // NOTE(review): as printed, the search and replacement strings are the
    // same, so this call changes nothing. Presumably the search string was an
    // HTML entity that was decoded when the page was rendered - confirm
    // against the original source.
    $spaced = str_replace(' ', ' ', $text );
    $withoutBreaks = br2nl($spaced);

    return trim($withoutBreaks);
}
7. Display HTML in the HTML editor
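/**
 * Prepare stored HTML for display in an HTML editor.
 *
 * Double quotes are encoded as &quot; and the result is trimmed.
 *
 * NOTE(review): the listing printed the same character as both search and
 * replacement, which made the call a no-op. The &quot; entity is restored
 * here on the assumption that it was decoded when the page was rendered -
 * confirm against the original source.
 * NOTE(review): only the double quote is encoded; "&", "<", ">" and "'" pass
 * through unchanged, so this is not a general-purpose output encoder.
 *
 * @param string $text Stored HTML.
 * @return string HTML with double quotes encoded, trimmed.
 */
function eh($text)
{
    return trim(str_replace('"', '&quot;', $text));
}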
8. Show how long ago a given time was
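/**
 * Echo a human-friendly description of how long ago $sTime was.
 *
 * With $type 'normal' the output is, in order of precedence: seconds ago
 * (under a minute), minutes ago (under an hour), hours ago (same calendar
 * day), month-day and time (same year), otherwise the full date and time.
 * With $type 'full' the full date and time including seconds is echoed.
 * Any other $type echoes nothing.
 *
 * The listing as printed was not runnable: it had whitespace after "$",
 * unbalanced parentheses, "=" where a comparison is needed, "&" where a
 * logical AND is needed, and "I" (the DST flag) where the minutes format
 * character "i" is needed. Those are corrected here.
 *
 * @param int    $sTime Source time as a Unix timestamp.
 * @param string $type  'normal' or 'full'.
 * @param string $alt   Not used by this function; kept for callers.
 * @return void The text is echoed, not returned.
 */
function friendlyDate($sTime, $type = 'normal', $alt = 'false')
{
    // sTime = source time, cTime = current time, dTime = time difference
    $cTime = time();
    $dTime = $cTime - $sTime;
    // Differences of the Ymd / Y renderings: zero means same day / same year.
    $dDay  = intval(date("Ymd", $cTime)) - intval(date("Ymd", $sTime));
    $dYear = intval(date("Y", $cTime)) - intval(date("Y", $sTime));

    if ($type == 'normal') {
        // normal: n seconds ago, n minutes ago, n hours ago, date
        if ($dTime < 60) {
            echo $dTime . "seconds ago";
        } elseif ($dTime < 3600) {
            echo intval($dTime / 60) . "Minutes Ago";
        } elseif ($dTime >= 3600 && $dDay == 0) {
            echo intval($dTime / 3600) . "Hours Ago";
        } elseif ($dYear == 0) {
            echo date("m-d, H:i", $sTime);
        } else {
            echo date("Y-m-d, H:i", $sTime);
        }
    } elseif ($type == 'full') {
        // full: Y-m-d, H:i:s
        echo date("Y-m-d, H:i:s", $sTime);
    }
}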