Html code that uses PHP to filter submitted forms may contain code that introduces external dangerous content. For example, some forms submitted by the user contain html content, but this may cause confusion in the layout of the display page and need to be filtered out. The following is the program code
Html code that uses PHP to filter submitted forms may contain code that introduces external dangerous content.
For example, some forms submitted by the user contain html content, but this may cause confusion in the layout of the display page and need to be filtered out.
The following is the program code
Function uhtml ($ str) {$ farr = array ("/\ s + /", // filter unnecessary spaces // filter scripts and other code that may introduce malicious content or maliciously change the display layout. if you do not need to insert flash, you can also add"/<(\/?) (Script | I? Frame | style | html | body | title | link | meta | \? | \ %) ([^>] *?)> /IsU ","/(<[^>] *) on [a-zA-Z] + \ s * = ([^>] *>)/isU ", // filter javascript on events); $ tarr = array ("", "<\ 1 \ 2 \ 3>", // to directly clear insecure tags, "\ 1 \ 2",); $ str = preg_replace ($ farr, $ tarr, $ str); return $ str ;}