本文整理汇总了PHP中MyTextSanitizer::filterXss方法的典型用法代码示例。如果您正苦于以下问题:PHP MyTextSanitizer::filterXss方法的具体用法?PHP MyTextSanitizer::filterXss怎么用?PHP MyTextSanitizer::filterXss使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类MyTextSanitizer的用法示例。
在下文中一共展示了MyTextSanitizer::filterXss方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: load
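/**
 * Filter script-bearing markup out of a piece of text.
 *
 * Processing order:
 *  1. Unless $force is set, text submitted while the current user is an
 *     administrator is returned untouched.
 *  2. The text always passes through MyTextSanitizer::filterXss().
 *  3. If the "purifier" framework loads, XoopsPurifier::purify() produces the
 *     final result and the regex fallback below is skipped.
 *  4. Otherwise a deny-list of regular expressions (configured patterns,
 *     configured tags, plus SCRIPT/VBSCRIPT/JAVASCRIPT, META refresh and
 *     IFRAME) is applied.
 *
 * Security notes:
 *  - The regex fallback is a deny-list: it only recognises the specific tag
 *    spellings encoded in its patterns, and markup outside those forms passes
 *    through unchanged. Treat it as best-effort and do not rely on it as the
 *    only XSS control; context-aware output encoding is still required.
 *  - The administrator shortcut means admin-supplied text is trusted. Callers
 *    that render such text to other users should pass $force = true.
 *
 * @param MyTextSanitizer $ts    Sanitizer whose filterXss() is applied first
 * @param string          $text  Text to filter
 * @param bool            $force Filter even when the current user is an admin
 * @return mixed The filtered text; an empty string if the regex engine fails
 */
public function load(MyTextSanitizer &$ts, $text, $force = false)
{
    $xoops = Xoops::getInstance();
    // Administrators bypass filtering entirely unless the caller forces it.
    if (empty($force) && $xoops->userIsAdmin) {
        return $text;
    }
    // Built-in filters for XSS scripts
    // To be improved
    $text = $ts->filterXss($text);
    // Preferred path: when the purifier framework is available, its output is final.
    if (XoopsLoad::load("purifier", "framework")) {
        $text = XoopsPurifier::purify($text);
        return $text;
    }
    // Fallback path: build parallel search/replace lists for preg_replace().
    $tags = array();
    $search = array();
    $replace = array();
    $config = parent::loadConfig(__DIR__);
    if (!empty($config["patterns"])) {
        foreach ($config["patterns"] as $pattern) {
            if (empty($pattern['search'])) {
                continue;
            }
            $search[] = $pattern['search'];
            // A pattern without a 'replace' entry removes the match instead of
            // raising an undefined-index notice.
            $replace[] = isset($pattern['replace']) ? $pattern['replace'] : '';
        }
    }
    if (!empty($config["tags"])) {
        $tags = array_map("trim", $config["tags"]);
    }
    // Set embedded tags
    $tags[] = "SCRIPT";
    $tags[] = "VBSCRIPT";
    $tags[] = "JAVASCRIPT";
    foreach ($tags as $tag) {
        // A blank config entry would otherwise compile into a pattern with no
        // tag name at all and emit a meaningless " [! FILTERED!] " marker.
        if ($tag === '') {
            continue;
        }
        // NOTE(review): $tag is interpolated into the pattern unescaped, so a
        // configured value containing regex metacharacters changes what is
        // matched - confirm the config file is writable by administrators only.
        $search[] = "/<" . $tag . "[^>]*?>.*?<\\/" . $tag . ">/si";
        $replace[] = " [!" . strtoupper($tag) . " FILTERED!] ";
    }
    // Set meta refresh tag
    $search[] = "/<META[^>\\/]*HTTP-EQUIV=(['\"])?REFRESH(\\1)[^>\\/]*?\\/>/si";
    $replace[] = "";
    // Sanitizing scripts in IMG tag
    //$search[]= "/(<IMG[\s]+[^>\/]*SOURCE=)(['\"])?(.*)(\\2)([^>\/]*?\/>)/si";
    //$replace[]="";
    // Set iframe tag
    // NOTE(review): both IFRAME replacements write the captured text back into
    // the output as-is; it is not HTML-escaped here.
    $search[] = "/<IFRAME[^>\\/]*SRC=(['\"])?([^>\\/]*)(\\1)[^>\\/]*?\\/>/si";
    $replace[] = " [!IFRAME FILTERED! \\2] ";
    $search[] = "/<IFRAME[^>]*?>([^<]*)<\\/IFRAME>/si";
    $replace[] = " [!IFRAME FILTERED! \\1] ";
    // action
    $filtered = preg_replace($search, $replace, $text);
    if (null === $filtered) {
        // preg_replace() returns null on a PCRE error (for example a backtrack
        // limit hit on a large input). Fail closed with an empty string rather
        // than handing null or unfiltered text to the caller, and leave a trace
        // so the failure can be noticed.
        trigger_error('Text filter: preg_replace() failed, PCRE error code ' . preg_last_error(), E_USER_WARNING);
        return '';
    }
    return $filtered;
}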