First, we recommend FILTER_SANITIZE_STRING. The FILTER_SANITIZE_STRING filter removes or encodes unwanted characters.
This filter deletes data that is potentially harmful to the application. It is used to strip tags and to delete or encode unwanted characters.
Name: "string"
ID number: 513
Possible options or flags:
FILTER_FLAG_NO_ENCODE_QUOTES - Do not encode quotes
FILTER_FLAG_STRIP_LOW - Remove characters with ASCII value below 32
FILTER_FLAG_STRIP_HIGH - Remove characters with ASCII value above 32
FILTER_FLAG_ENCODE_LOW - Encode characters with ASCII value below 32
FILTER_FLAG_ENCODE_HIGH - Encode characters with ASCII value above 32
FILTER_FLAG_ENCODE_AMP - Encode the & character as &amp;
*/
$var = "<b>bill gates<b>";
var_dump(filter_var($var, FILTER_SANITIZE_STRING));
/*
Second, the strip_tags function.
The strip_tags() function strips HTML, XML, and PHP tags from a string.
Syntax
strip_tags(string, allow)
*/
echo strip_tags("Hello <b>world!</b>");
// Output: Hello world!
function uh($str)
{
    $farr = array(
        // Filter extra whitespace
        "/\s+/",
        // Filter <script> and similar tags that can introduce malicious content or
        // maliciously change the displayed layout; if you do not need to insert
        // Flash and so on, you can also add <object> to this filter
        "/<(\/?)(script|i?frame|style|html|body|title|link|meta|\?|\%)([^>]*?)>/isU",
        // Filter on* event-handler attributes
        "/(<[^>]*)on[a-zA-Z]+\s*=([^>]*>)/isU",
    );
    $tarr = array(
        " ",
        // Fullwidth brackets, so the tag is shown as text.
        "＜\\1\\2\\3＞", // If you want to clear the unsafe tag directly, leave this blank
        "\\1\\2",
    );
    $str = preg_replace($farr, $tarr, $str);
    return $str;
}
// For more details please see: http://www.111cn.net/phper/19/70dd2a905e74cefc9be9c0f17268dadc.htm
?>
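An added example, not part of the original page: strip_tags() with and without an allow-list, next to output-time encoding with htmlspecialchars(), run on a constructed input. The helper name compare_sanitizers and the sample string are assumptions; FILTER_SANITIZE_STRING is left out because it is deprecated as of PHP 8.1.

```php
<?php
// Added example, not from the original page. The input below is constructed.

/**
 * Return the result of three ways to handle untrusted text destined for HTML.
 * (Hypothetical helper name, for illustration.)
 */
function compare_sanitizers(string $input): array
{
    return [
        // Removes every tag; the text between tags is kept.
        'strip_all'   => strip_tags($input),
        // Allow-list of tags: <b> survives, and so do ALL of its attributes.
        // strip_tags() never inspects attributes on allowed tags.
        'strip_allow' => strip_tags($input, '<b>'),
        // Output encoding: nothing is removed, markup characters become
        // entities, so the browser renders the input as plain text.
        // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning "".
        'encode'      => htmlspecialchars($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
    ];
}

// Constructed sample: an allowed tag carrying an event-handler attribute,
// a disallowed tag, an ampersand and quotes.
$sample = '<b onmouseover="f()">bill</b> <i>gates</i> & "co"';

foreach (compare_sanitizers($sample) as $name => $out) {
    printf("%-12s %s\n", $name . ':', $out);
}
```

Encoding is applied when the value is written into the page and must match the output context (HTML body text here). A strip_tags() allow-list needs a separate attribute filter before its output is safe to render.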