PHP SQL anti-injection and HTML filtering security functions

Method filters HTML Custom functions

function Ihtmlspecialchars ($string) {
if (Is_array ($string)) {
foreach ($string as $key => $val) {
$string [$key] = Ihtmlspecialchars ($val);
}
else {
$string = Preg_replace ('/& (d{3,5}|x[a-fa-f0-9]{4}) |[ a-za-z][a-z0-9]{2,5});)/', ' &1 ',
Str_replace (' & ', ' "', ' < ', ' > '), Array (' &amp; ', ' &quot; ', ' &lt; ', ' &gt; '), $string));
}
return $string; Method Two

$rptype = 0 means to replace only HTML tags
$rptype = 1 means to replace HTML tags to remove consecutive white space characters at the same time
$rptype = 2 means replacing HTML tags and removing all white-space characters at the same time
$rptype =-1 means to replace only HTML dangerous tags
function Htmlreplace ($str, $rptype =0)
{
$str = Strips Tutorial Lashes ($STR);
if ($rptype ==0)
{
$str = Htmlspecialchars ($STR);
}
else if ($rptype ==1)
{
$str = Htmlspecialchars ($STR);
$str = Str_replace ("", ", $str);
$str = Ereg_replace ("[Rnt]{1,}", ", $str");
}
else if ($rptype ==2)
{
$str = Htmlspecialchars ($STR);
$str = Str_replace ("", ", $str);
$str = Ereg_replace ("[Rnt]", "", $str);
}
Else
{
$str = Ereg_replace ("[Rnt]{1,}", ", $str");
$str = eregi_replace (' script ', ' script ', $str);
$str = Eregi_replace ("<[/]{0,1} (Link|meta|ifr|fra) [^>]*>", ", $str";
}
Return addslashes ($STR);
Other methods

PHP Tutorial Filter unsafe character functions

Function uh ($STR)
{
$farr = Array (
"/s+/",//filtering excess blank
"/< (/?) (script|i?frame|style|html|body|title|link|meta|?|%) ([^>]*?) >/isu ",//filter <script, etc. may introduce malicious content or malicious change display layout code, if you do not need to insert flash, you can also add <object filter
"/(<[^>]*) on[a-za-z]+s*= ([^>]*>)/isu",//Filter page effects on event
);
$tarr = Array (
" ",
' <123> ',//If you want to clear the unsafe label directly, leave this blank
"12",
);

$str = Preg_replace ($farr, $tarr, $STR);
return $str;