The following function can be used to filter user input to ensure that the input is XSS safe. Specific how to filter, you can see inside the function, there are comments.
Copy Code code as follows:
<?php
function Removexss ($val) {
Remove all non-printable characters. CR (0a) and LF (0b) and TAB (9) are allowed
This prevents some character re-spacing such as <java\0script>
Note this you have to handle splits with \ n, \ r, and \ t later since they *are* allowed in some inputs
$val = Preg_replace ('/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/', ', $val);
Straight replacements, the user should never need these since they ' re normal characters
This is prevents like
$search = ' abcdefghijklmnopqrstuvwxyz ';
$search. = ' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';
$search. = ' 1234567890!@#$%^&* () ';
$search. = ' ~ ';: +/={}[]-_|\ ' \ ';
for ($i = 0; $i < strlen ($search); $i + +) {
// ;? Matches the;, which is optional
0{0,7} matches any padded zeros, which are optional and go up to 8 chars
@ @ search for the hex values
$val = Preg_replace ('/(&#[xx]0{0,8} '. Dechex (Ord ($search [$i])). /I ', $search [$i], $val); with A;
@ @ 0{0,7} matches ' 0 ' zero to seven times
$val = Preg_replace ('/({0,8} '. Ord ($search [$i]). /', $search [$i], $val); with A;
}
Now the only remaining whitespace attacks are \ \ n, and \ r
$ra 1 = Array (' javascript ', ' VBScript ', ' expression ', ' applets ', ' meta ', ' xml ', ' blink ', ' link ', ' style ', ' script ', ' embed ', ' Object ', ' iframe ', ' frame ', ' frameset ', ' ilayer ', ' layer ', ' bgsound ', ' title ', ' base ';
$ra 2 = Array (' onabort ', ' onactivate ', ' onafterprint ', ' onafterupdate ', ' onbeforeactivate ', ' onbeforecopy ') , ' onbeforecut ', ' onbeforedeactivate ', ' onbeforeeditfocus ', ' onbeforepaste ', ' onbeforeprint ', ' onbeforeunload ', ' Onbeforeupdate ', ' onblur ', ' onbounce ', ' oncellchange ', ' onchange ', ' onclick ', ' oncontextmenu ', ' oncontrolselect ', ' Oncopy ', ' oncut ', ' ondataavailable ', ' ondatasetchanged ', ' ondatasetcomplete ', ' ondblclick ', ' ondeactivate ', ' Ondrag ', ' Ondragend ', ' ondragenter ', ' ondragleave ', ' ondragover ', ' ondragstart ', ' ondrop ', ' onerror ', ' onerrorupdate ', ' Onfilterchange ', ' onfinish ', ' onfocus ', ' onfocusin ', ' onfocusout ', ' onhelp ', ' onkeydown ', ' onkeypress ', ' onkeyup ', ' Onlayoutcomplete ', ' onload ', ' onlosecapture ', ' onmousedown ', ' onmouseenter ', ' onmouseleave ', ' onmousemove ', ' onMouseOut ', ' onmouseover ', ' onmouseup ', ' onmousewheel ', ' onmove ', ' onmoveend ', ' onmovestart ', ' onpaste ', ' Onpropertychange ', ' onreadystatechange ', ' onreset ', ' onresize ', ' onresizeend ', ' Onresizestart', ' onrowenter ', ' onrowexit ', ' onrowsdelete ', ' onrowsinserted ', ' onscroll ', ' onselect ', ' onselectionchange ', ' Onselectstart ', ' onstart ', ' onstop ', ' onsubmit ', ' onunload ');
$ra = Array_merge ($ra 1, $ra 2);
$found = true; Keep replacing as long as the previous round replaced something
while ($found = = True) {
$val _before = $val;
for ($i = 0; $i < sizeof ($RA); $i + +) {
$pattern = '/';
for ($j = 0; $j < strlen ($ra [$i]); $j + +) {
if ($j > 0) {
$pattern. = ' (';
$pattern. = ' (&#[xx]0{0,8} ([9ab]);) ';
$pattern. = ' | ';
$pattern. = ' | ({0,8} ([9|10|13]);) ';
$pattern. = ') *;
}
$pattern. = $ra [$i] [$j];
}
$pattern. = '/I ';
$replacement = substr ($ra [$i], 0, 2). ' <x> '. substr ($ra [$i], 2); Add in <> to nerf the tag
$val = Preg_replace ($pattern, $replacement, $val); Filter out the hex tags
if ($val _before = = $val) {
No replacements were made, so exit the loop
$found = false;
}
}
}
return $val;
}
?>