PHP Malicious Code Filter function
Public Function decodefilter (HTML, filter)
Html=lcase (HTML)
Filter=split (Filter, ",")
For each I in filter
Select case I
Case "Script" removes all client script javascipt,vbscript,jscript,js,vbs,event,...
html = Exere ("(javascript|jscript|vbscript|vbs):", "#", HTML)
html = Exere (" ]*>", "", HTML)
html = Exere ("On (Mouse|exit|error|click|key)", "", HTML)
Case "TABLE": ' Remove table
|
html = Exere (" ]*> "," ", HTML) html = Exere (" ]*> "," ", HTML) html = Exere (" ]*> "," ", HTML) html = Exere (" ]*> "," ", HTML) html = Exere (" ]*> "," ", HTML) Case "class" ' Remove Style class class= "" html = Exere ("(<[^>]+) class=[^ |^>]* ([^>]*>)", "$ $", HTML) Case "style" ' Remove style style= ' " html = Exere ("(<[^>]+) style=" "[^" "]*" "([^>]*>)", "$ $", HTML) html = Exere ("(<[^>]+) style= ' [^ ']* ' ([^>]*>)", "$ $", HTML) Case "IMG" ' Remove style style= "" html = Exere (" ]*> "," ", HTML) Case "XML" ' removing XML html = exere ("<\\?xml[^>]*>", "", HTML) Case "NAMESPACE" ' Remove namespace html = Exere ("<\/?[ A-z]+:[^>]*> "," ", HTML) Case "Font" ' Remove font ' html = Exere (" ]*> "," ", HTML) html = Exere (" ]*> "," ", HTML) html = Exere (" ]*> "," ", HTML) html = Exere (" ]*> "," ", HTML) Case "MARQUEE" ' subtitle removal html = Exere (" ]*> "," ", HTML) Case "Object" removes the object html = Exere (" ]*> "," ", HTML) html = Exere (" ]*> "," ", HTML) ' HTML = Exere (" ]*> "," ", HTML) Case "EMBED" html = Exere (" ]*> "," ", HTML) Case "DIV" ' Remove object html = Exere (" ]) *> "," $ ", html) html = Exere (" ]) *> "," $ ", html) Case "ONLOAD" ' Remove style style= "" html = Exere ("(<[^>]+) onload=" "[^" "]*" "([^>]*>)", "$ $", HTML) html = Exere ("(<[^>]+) onload= ' [^ ']* ' ([^>]*>)", "$ $", HTML) Case "ONCLICK" ' Remove style style= "" html = Exere ("(<[^>]+) onclick=" "[^" "]*" "([^>]*>)", "$ $", HTML) html = Exere ("(<[^>]+) onclick= ' [^ ']* ' ([^>]*>)", "$ $", HTML) Case "Ondbclick" ' Remove style style= ' " html = Exere ("(<[^>]+) ondbclick=" "[^" "]*" "([^>]*>)", "$ $", HTML) html = Exere ("(<[^>]+) ondbclick= ' [^ ']* ' ([^>]*>)", "$ $", HTML) End Select Next ' HTML = Replace (HTML, " <><> ' HTML = Replace (HTML, " <><> ' HTML = Replace (HTML, " <><> Decodefilter = html End Functionhttp://www.bkjia.com/PHPjc/629754.html www.bkjia.com true http://www.bkjia.com/PHPjc/629754.html techarticle PHP Malicious Code Filter function Public function decodefilter (HTML, filter) html=lcase (HTML) filter=split (filter,,) for each I in filter S Elect case I SCRIPT ' remove all clients ... |