/** HTML Attribute Filter
- * Date:2013-09-22
- * Author:fdipzone
- * ver:1.0
- * edit:bbs.it-home.org
- * Func:
- * Public Strip Filter Properties
- * Public Setallow setting allowed properties
- * Public SetException Set exceptions
- * Public Setignore Set ignored tags
- * Private findelements search for elements to be processed
- * Private Findattributes Search Properties
- * Private Removeattributes Removal properties
- * Private Isexception judge whether special
- * Private Createattributes Create attribute
- * Private protect special character escapes
- */
- Class htmlattributefilter{//Class start
- Private $_str = '; SOURCE string
- Private $_allow = Array (); Allowed attributes such as: Array (' ID ', ' class ', ' title ')
- Private $_exception = Array (); Exceptions For example: Array (' A ' =>array (' href ', ' class '), ' span ' =>array (' class '))
- Private $_ignore = Array (); Ignore filtered tags such as: Array (' span ', ' img ')
- /** processing HTML, filtering non-reserved properties
- * @param string $STR source strings
- * @return String
- */
- Public function strip ($STR) {
- $this->_str = $str;
- if (is_string ($this->_str) && strlen ($this->_str) >0) {//Judgment string
- $this->_str = strtolower ($this->_str); Turn into lowercase
- $res = $this->findelements ();
- if (is_string ($res)) {
- return $res;
- }
- $nodes = $this->findattributes ($res);
- $this->removeattributes ($nodes);
- }
- return $this->_str;
- }
- /** Setting the Allowed properties
- * @param Array $param
- */
- Public Function Setallow ($param =array ()) {
- $this->_allow = $param;
- }
- /** Setting exceptions
- * @param Array $param
- */
- Public Function SetException ($param =array ()) {
- $this->_exception = $param;
- }
- /** Setting ignored tags
- * @param Array $param
- */
- Public Function Setignore ($param =array ()) {
- $this->_ignore = $param;
- }
- /** search for elements to be processed */
- Private Function findelements () {
- $nodes = Array ();
- Preg_match_all ("/<" ([^!\/\>\n]+) ([^>]*) >/i ", $this->_str, $elements);
- foreach ($elements [1] as $el _key = $element) {
- if ($elements [2][$el _key]) {
- $literal = $elements [0][$el _key];
- $element _name = $elements [1][$el _key];
- $attributes = $elements [2][$el _key];
- if (Is_array ($this->_ignore) &&!in_array ($element _name, $this->_ignore)) {
- $nodes [] = Array (' literal ' = $literal, ' name ' = = $element _name, ' attributes ' = $attributes);
- }
- }
- }
- if (! $nodes [0]) {
- return $this->_str;
- }else{
- return $nodes;
- }
- }
- /** Search Properties
- * @param Array $nodes The element to be processed
- */
- Private Function Findattributes ($nodes) {
- foreach ($nodes as & $node) {
- Preg_match_all ("/([^ =]+) \s*=\s*[\" |] {0,1} ([^\"']*) [\"|'] {0,1}/i ", $node [' Attributes '], $attributes);
- if ($attributes [1]) {
- foreach ($attributes [1] as $att _key=> $att) {
- $literal = $attributes [0][$att _key];
- $attribute _name = $attributes [1][$att _key];
- $value = $attributes [2][$att _key];
- $atts [] = Array (' literal ' = $literal, ' name ' = = $attribute _name, ' value ' = $value);
- }
- }else{
- $node [' attributes '] = NULL;
- }
- $node [' attributes '] = $atts;
- Unset ($atts);
- }
- return $nodes;
- }
- /** Removing properties
- * @param Array $nodes The element to be processed
- */
- Private Function Removeattributes ($nodes) {
- foreach ($nodes as $node) {
- $node _name = $node [' name '];
- $new _attributes = ";
- if (Is_array ($node [' attributes '])) {
- foreach ($node [' attributes '] as $attribute) {
- if (Is_array ($this->_allow) && in_array ($attribute [' name '], $this->_allow)) | | $this->isexception ( $node _name, $attribute [' name '], $this->_exception)) {
- $new _attributes = $this->createattributes ($new _attributes, $attribute [' name '], $attribute [' value ']);
- }
- }
- }
- $replacement = ($new _attributes)? "< $node _name $new _attributes>": "< $node _name>";
- $this->_str = preg_replace ('/'. $this->protect ($node [' literal ']). ' /', $replacement, $this->_str);
- }
- }
- /** judge whether the exception
- * @param String $element _name element name
- * @param String $attribute _name Property name
- * @param Array $exceptions allowed exceptions
- * @return Boolean
- */
- Private Function Isexception ($element _name, $attribute _name, $exceptions) {
- if (array_key_exists ($element _name, $this->_exception)) {
- if (In_array ($attribute _name, $this->_exception[$element _name])) {
- return true;
- }
- }
- return false;
- }
/** Creating properties
- * @param String $new _attributes
- * @param String $name
- * @param String $value
- * @return String
- */
- Private Function Createattributes ($new _attributes, $name, $value) {
- if ($new _attributes) {
- $new _attributes. = "";
- }
- $new _attributes. = "$name =\" $value \ "";
- return $new _attributes;
- }
- /** Special Character escapes
- * @param string $STR source strings
- * @return String
- */
- Private function Protect ($STR) {
- $conversions = Array (
- "^" = "\^",
- "[" = "\[",
- "." = "\.",
- "$" = "\$",
- "{" = "\{",
- "*" = "\*",
- "(" = "\ (",
- "\ \" = "\\\\",
- "/" = "\",
- "+" = "\+",
- ")" = "\)",
- "|" = "\|",
- "?" = "\",
- "<" = "\<",
- ">" + "\>"
- );
- Return Strtr ($str, $conversions);
- }
- }//Class end
- ?>
Copy Code2, demo example
- Require (' HtmlAttributeFilter.class.php ');
- $str = '
';
- $obj = new Htmlattributefilter ();
- Allow ID attribute
- $obj->setallow (Array (' ID '));
- $obj->setexception (Array (
- ' A ' + = Array (' href '),//a tag with href attribute exception allowed
- The ' ul ' = = Array (' class ')//UL tag allows a special case of class attribute
- ));
- IMG tag ignored, no attributes are filtered
- $obj->setignore (Array (' IMG '));
- echo ' Source str:
';
- echo Htmlspecialchars ($str). '
';
- Echo ' Filter str:
';
- Echo Htmlspecialchars ($obj->strip ($STR));
- ?>
Copy CodeAttached, PHP filter HTML tag attribute class source download address |