Processing the submitted data function HtmlDecode ($STR) { if (Empty ($STR) | | "" = = $str) { Return ""; } $str = Strip_tags ($STR); $str = Htmlspecialchars ($STR); $str = NL2BR ($STR); $str = Str_replace ("?", "" ", $str); $str = Str_replace ("*", "", $str); $str = Str_replace ("!", "" ", $str); $str = Str_replace ("~", "", $str); $str = Str_replace ("$", "", $str); $str = str_replace ("%", "", $str); $str = Str_replace ("^", "", $str); $str = Str_replace ("^", "", $str); $str = Str_replace ("Select", "", $str); $str = Str_replace ("Join", "", $str); $str = Str_replace ("union", "", $str); $str = Str_replace ("where", "", $str); $str = Str_replace ("Insert", "", $str); $str = str_replace ("delete", "", $str); $str = Str_replace ("Update", "", $str); $str = Str_replace ("Like", "", $str); $str = Str_replace ("Drop", "", $str); $str = Str_replace ("Create", "", $str); $str = Str_replace ("Modify", "", $str); $str = str_replace ("rename", "", $str); $str = Str_replace ("Alter", "", $str); $str = Str_replace ("Cast", "", $str); $farr = Array ("//s+/",//filter Extra blanks "/< (//?) (img|script|i?frame|style|html|body|title|link|meta|/?| /%) ([^>]*?) >/isu ",//Filter"/(<[^>]*) on[a-za-z]+/s*= ([^>]*>)/isu")//filter on the JavaScript on event ; $tarr = Array ("", "",//If you want to clear unsafe labels directly, you can leave this blank "" ); return $str; } |