/** HTML Attribute Filter * Date:2013-09-22 * Author:fdipzone * ver:1.0 * * Func: * Public Strip Filter Properties * Public Setallow setting allowed properties * Public SetException Set exceptions * Public Setignore Set ignored tags * Private findelements search for elements to be processed * Private Findattributes Search Properties * Private Removeattributes Removal properties * Private Isexception judge whether special * Private Createattributes Create attribute * Private protect special character escapes */ Class htmlattributefilter{//Class start Private $_str = '; SOURCE string Private $_allow = Array (); Allowed attributes such as: Array (' ID ', ' class ', ' title ') Private $_exception = Array (); Exceptions For example: Array (' A ' =>array (' href ', ' class '), ' span ' =>array (' class ')) Private $_ignore = Array (); Ignore filtered tags such as: Array (' span ', ' img ') /** processing HTML, filtering non-reserved properties * @param string $STR source strings * @return String */ Public function strip ($STR) { $this->_str = $str; if (is_string ($this->_str) && strlen ($this->_str) >0) {//Judgment string $this->_str = strtolower ($this->_str); Turn into lowercase $res = $this->findelements (); if (is_string ($res)) { return $res; } $nodes = $this->findattributes ($res); $this->removeattributes ($nodes); } return $this->_str; } /** Setting the Allowed properties * @param Array $param */ Public Function Setallow ($param =array ()) { $this->_allow = $param; } /** Setting exceptions * @param Array $param */ Public Function SetException ($param =array ()) { $this->_exception = $param; } /** Setting ignored tags * @param Array $param */ Public Function Setignore ($param =array ()) { $this->_ignore = $param; } /** search for elements to be processed */ Private Function findelements () { $nodes = Array (); Preg_match_all ("/<" ([^!\/\>\n]+) ([^>]*) >/i ", $this->_str, $elements); foreach ($elements [1] as $el _key = $element) { if ($elements [2][$el _key]) { $literal = $elements [0][$el _key]; $element _name = $elements [1][$el _key]; $attributes = $elements [2][$el _key]; if (Is_array ($this->_ignore) &&!in_array ($element _name, $this->_ignore)) { $nodes [] = Array (' literal ' = $literal, ' name ' = = $element _name, ' attributes ' = $attributes); } } } if (! $nodes [0]) { return $this->_str; }else{ return $nodes; } } /** Search Properties * @param Array $nodes The element to be processed */ Private Function Findattributes ($nodes) { foreach ($nodes as & $node) { Preg_match_all ("/([^ =]+) \s*=\s*[\" |] {0,1} ([^\"']*) [\"|'] {0,1}/i ", $node [' Attributes '], $attributes); if ($attributes [1]) { foreach ($attributes [1] as $att _key=> $att) { $literal = $attributes [0][$att _key]; $attribute _name = $attributes [1][$att _key]; $value = $attributes [2][$att _key]; $atts [] = Array (' literal ' = $literal, ' name ' = = $attribute _name, ' value ' = $value); } }else{ $node [' attributes '] = NULL; } $node [' attributes '] = $atts; Unset ($atts); } return $nodes; } /** Removing properties * @param Array $nodes The element to be processed */ Private Function Removeattributes ($nodes) { foreach ($nodes as $node) { $node _name = $node [' name ']; $new _attributes = "; if (Is_array ($node [' attributes '])) { foreach ($node [' attributes '] as $attribute) { if (Is_array ($this->_allow) && in_array ($attribute [' name '], $this->_allow)) | | $this->isexception ( $node _name, $attribute [' name '], $this->_exception)) { $new _attributes = $this->createattributes ($new _attributes, $attribute [' name '], $attribute [' value ']); } } } $replacement = ($new _attributes)? "< $node _name $new _attributes>": "< $node _name>"; $this->_str = preg_replace ('/'. $this->protect ($node [' literal ']). ' /', $replacement, $this->_str); } } /** judge whether the exception * @param String $element _name element name * @param String $attribute _name Property name * @param Array $exceptions allowed exceptions * @return Boolean */ Private Function Isexception ($element _name, $attribute _name, $exceptions) { if (array_key_exists ($element _name, $this->_exception)) { if (In_array ($attribute _name, $this->_exception[$element _name])) { return true; } } return false; } /** Creating properties * @param String $new _attributes * @param String $name * @param String $value * @return String */ Private Function Createattributes ($new _attributes, $name, $value) { if ($new _attributes) { $new _attributes. = ""; } $new _attributes. = "$name =\" $value \ ""; return $new _attributes; } /** Special Character escapes * @param string $STR source strings * @return String */ Private function Protect ($STR) { $conversions = Array ( "^" = "\^", "[" = "\[", "." = "\.", "$" = "\$", "{" = "\{", "*" = "\*", "(" = "\ (", "\ \" = "\\\\", "/" = "\", "+" = "\+", ")" = "\)", "|" = "\|", "?" = "\", "<" = "\<", ">" + "\>" ); Return Strtr ($str, $conversions); } }//Class end ?> |