PHP: a piece of XSS-filtering code

Source: Internet
Uploader: User


The function (from the Tools.php linked below), with create_function(), which PHP 7.2 deprecated and PHP 8.0 removed, replaced by an equivalent closure:

public static function removeXSS($str) {
    // Strip empty HTML comments and empty CSS comments.
    $str = str_replace('<!--  -->', '', $str);
    $str = preg_replace('~/\*[ ]+\*/~i', '', $str);
    // Strip CSS/JS-style hex escapes for ASCII letters (\41 .. \7a, up to four leading zeros).
    $str = preg_replace('/\\\0{0,4}4[0-9a-f]/is', '', $str);
    $str = preg_replace('/\\\0{0,4}5[0-9a]/is', '', $str);
    $str = preg_replace('/\\\0{0,4}6[0-9a-f]/is', '', $str);
    $str = preg_replace('/\\\0{0,4}7[0-9a]/is', '', $str);
    // Delete (rather than decode) two-hex-digit and two/three-decimal-digit character references.
    $str = preg_replace('/&#x0{0,8}[0-9a-f]{2};/is', '', $str);
    $str = preg_replace('/&#0{0,8}[0-9]{2,3};/is', '', $str);
    // Escape everything, then selectively re-open the tags listed below.
    $str = htmlspecialchars($str);
    //$str = preg_replace('/&lt;/i', '<', $str);
    //$str = preg_replace('/&gt;/i', '>', $str);

    // Unpaired tags
    $lone_tags = array("img", "param", "br", "hr");
    foreach ($lone_tags as $key => $val) {
        $val = preg_quote($val);
        $str = preg_replace('/&lt;' . $val . '(.*)(\/?)&gt;/isU', '<' . $val . "\\1\\2>", $str);
        $str = self::transCase($str); // defined elsewhere in the linked Tools.php, not included in this post
        $str = preg_replace_callback('/<' . $val . '(.+?)>/i', function ($temp) {
            // Restore literal quotes inside the re-opened tag.
            return str_replace('&quot;', '"', $temp[0]);
        }, $str);
    }
    $str = preg_replace('/&amp;/i', '&', $str);

    // Paired tags
    $double_tags = array("table", "tr", "td", "font", "a", "object", "embed", "p", "strong", "em", "u",
        "ol", "ul", "li", "div", "tbody", "span", "blockquote", "pre", "b", "font");
    foreach ($double_tags as $key => $val) {
        $val = preg_quote($val);
        $str = preg_replace('/&lt;' . $val . '(.*)&gt;/isU', '<' . $val . "\\1>", $str);
        $str = self::transCase($str);
        $str = preg_replace_callback('/<' . $val . '(.+?)>/i', function ($temp) {
            return str_replace('&quot;', '"', $temp[0]);
        }, $str);
        $str = preg_replace('/&lt;\/' . $val . '&gt;/is', '</' . $val . '>', $str);
    }

    // Clean up JS: drop "name(...)" calls and break "name:" prefixes for these names.
    $tags = array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'behaviour', 'blink',
        'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer',
        'bgsound', 'title', 'base', 'font');
    foreach ($tags as $tag) {
        $tag = preg_quote($tag);
        // The original replacement was '\\1' with no capture group, which PHP treats as an empty string.
        $str = preg_replace('/' . $tag . '\(.*\)/isU', '', $str);
        $str = preg_replace('/' . $tag . '\s*:/isU', $tag . '\:', $str);
    }
    // Remove inline event-handler attributes (onload=, onerror=, ...).
    $str = preg_replace('/[\s]+on[\w]+[\s]*=/is', '', $str);
    return $str;
}
Link: https://github.com/sillydong/CZD_Yaf_Extension/blob/master/library/Tools.php
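A caveat before reusing the function above: it is a blacklist. It escapes everything with htmlspecialchars() and then re-opens a fixed list of tags by regex (a list that includes object and embed), it deletes short numeric character references such as &#233; instead of decoding them, and it only defuses a javascript: prefix by inserting a backslash after the word. The more dependable pattern is to store input as-is, escape at the output sink for the context the value lands in, allow-list URL schemes for href/src, and hand rich text to a real HTML sanitizer (for example HTML Purifier) rather than regexes. The block below is an added example of the escape-at-sink approach; it is not code from the linked repository, and the function names, the renderComment() markup and the sample inputs are assumptions made for the illustration.

```php
<?php
// Added example, not code from the linked Tools.php: escape at the output
// sink and allow-list URL schemes instead of blacklisting input.
// escapeHtml(), normaliseUrl(), safeUrl(), renderComment() and the sample
// inputs are all assumed for this illustration.

declare(strict_types=1);

// Escape a string for the HTML text and quoted-attribute contexts.
// ENT_QUOTES escapes both quote styles; ENT_SUBSTITUTE keeps malformed
// UTF-8 from turning the whole result into "" (the default behaviour).
function escapeHtml(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Normalise a URL the way a browser does before it reads the scheme:
// decode character references (so "&#106;avascript:" becomes "javascript:"),
// drop leading/trailing C0 controls and spaces, and remove tab/CR/LF anywhere.
function normaliseUrl(string $url): string
{
    $u = html_entity_decode($url, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $u = (string) preg_replace('/^[\x00-\x20]+|[\x00-\x20]+$/', '', $u);
    return str_replace(["\t", "\n", "\r"], '', $u);
}

// Return an href/src value that is safe to emit, or "#" when the scheme is
// not on the allow-list. Relative URLs (no scheme) are accepted.
function safeUrl(string $url): string
{
    $u = normaliseUrl($url);
    $scheme = parse_url($u, PHP_URL_SCHEME);
    if ($scheme === false) {
        return '#';                       // unparseable URL
    }
    if ($scheme !== null && !in_array(strtolower($scheme), ['http', 'https', 'mailto'], true)) {
        return '#';                       // javascript:, data:, vbscript:, ...
    }
    return escapeHtml($u);
}

// Render one comment. Every dynamic value goes through the escaper for the
// context it lands in; no tag or attribute from the input survives as markup.
function renderComment(string $author, string $homepage, string $body): string
{
    return '<div class="comment">'
        . '<a href="' . safeUrl($homepage) . '">' . escapeHtml($author) . '</a>'
        . '<p>' . escapeHtml($body) . '</p>'
        . '</div>';
}

// Constructed sample inputs (not captured from any real site).
$samples = [
    ['author' => 'Ann <b>Lee</b>', 'homepage' => 'https://example.com/ann',   'body' => 'café & "quotes"'],
    ['author' => 'Bob',            'homepage' => "\tjava\nscript:alert(1)",  'body' => '<img src=x onerror=alert(1)>'],
    ['author' => 'Cy',             'homepage' => '&#106;avascript:alert(1)', 'body' => 'see /docs?a=1&b=2'],
];
foreach ($samples as $s) {
    echo renderComment($s['author'], $s['homepage'], $s['body']), PHP_EOL;
}
```

Run it with php on the command line: the first comment keeps its https link and shows the author's tag as literal text, while the second and third come out with href="#" and the img tag escaped into text. Non-ASCII characters such as é pass through untouched, which the deleting regexes in the function above do not guarantee for their character-reference forms.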


A nice Yaf MySQL wrapper: https://github.com/jonsonxu/yaf
