In the common (public) functions file:
// Selective XSS filtering. Note: performance is very low, so use it as little as possible.
function removeXSS($data)
{
    require_once './htmlpurifier/HTMLPurifier.auto.php';
    $_clean_xss_config = HTMLPurifier_Config::createDefault();
    $_clean_xss_config->set('Core.Encoding', 'UTF-8');
    // Set the tags (and attributes) that are kept; everything else is stripped
    $_clean_xss_config->set('HTML.Allowed', 'div,b,strong,i,em,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]');
    // Only these CSS properties survive inside the allowed style attributes
    $_clean_xss_config->set('CSS.AllowedProperties', 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align');
    $_clean_xss_config->set('HTML.TargetBlank', TRUE);
    $_clean_xss_obj = new HTMLPurifier($_clean_xss_config);
    // Perform the filtering
    return $_clean_xss_obj->purify($data);
}
Call this function in the model:
protected function _before_insert(&$data, $option)
{
    // Add the current time to the submitted form data
    $data['addtime'] = date('Y-m-d H:i:s', time());
    // Filter this field ourselves
    $data['goods_desc'] = removeXSS($_POST['goods_desc']);
}
If you use an online (rich-text) editor in your project, you need to use HTMLPurifier to implement selective XSS filtering!
HTMLPurifier filters out the dangerous JS code.
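The function above rebuilds the configuration and the purifier on every call, which adds to the performance cost noted in its comment. The following added example (not code from the original page) builds the purifier once per request, stores HTML Purifier's compiled definitions in a cache directory, and runs a few constructed inputs through the same allowlist. The names `cachedPurifier` and `removeXSSCached` and the cache path are assumptions.

```php
<?php
// Added example. Assumes HTML Purifier is unpacked at ./htmlpurifier/ (the path
// used on this page) and that the assumed cache directory can be created.
require_once './htmlpurifier/HTMLPurifier.auto.php';

function cachedPurifier() // hypothetical helper name
{
    static $purifier = null; // built on first use, reused for later calls
    if ($purifier === null) {
        // Assumed location. Keep it private to the PHP user: cached
        // definitions are serialized to disk and read back on later requests.
        $cacheDir = __DIR__ . '/runtime/htmlpurifier';
        if (!is_dir($cacheDir)) {
            mkdir($cacheDir, 0700, true);
        }
        $config = HTMLPurifier_Config::createDefault();
        $config->set('Core.Encoding', 'UTF-8');
        $config->set('Cache.SerializerPath', $cacheDir);
        // Same allowlist as removeXSS() on this page
        $config->set('HTML.Allowed', 'div,b,strong,i,em,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]');
        $config->set('CSS.AllowedProperties', 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align');
        $config->set('HTML.TargetBlank', true);
        $purifier = new HTMLPurifier($config);
    }
    return $purifier;
}

function removeXSSCached($data) // hypothetical drop-in for removeXSS()
{
    return cachedPurifier()->purify($data);
}

// Constructed sample inputs: three that the allowlist should neutralize,
// one made only of allowed tags plus a CSS property that is not allowed.
$samples = array(
    'script tag'      => '<p>Hello</p><script>alert(1)</script>',
    'event handler'   => '<b onclick="alert(1)">bold</b>',
    'javascript: URL' => '<a href="javascript:alert(1)" title="t">link</a>',
    'allowed markup'  => '<p style="color:red;position:fixed">ok</p><img src="a.png" width="10" alt="a">',
);

foreach ($samples as $label => $html) {
    echo $label, "\n  in : ", $html, "\n  out: ", removeXSSCached($html), "\n";
}
```

Compare each `out` line with its `in` line to confirm that only the tags, attributes and CSS properties named in the allowlist remain.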