PHP过滤表单输入
[英]PHP Filtering Form Input
问题描述
I'm sure someone has covered this before, but I didn't find it in a quick search of the site. 
我敢肯定有人曾经讲过,但是我在快速搜索该网站时没有找到它。 Right now I'm trying to filter some input from a WYSIWYG, so that it will remove characters like: ¢©÷µ·¶±€£®§™¥ but keep HTML characters. 现在,我正在尝试过滤所见即所得的一些输入,以便它将删除诸如¢©÷µ·¶±€£®§™¥之类的字符,但保留HTML字符。 I've tried htmlentities and htmlspecialcharacters, but that still seems to leave those characters in tact. 我已经尝试了htmlentities和htmlspecialcharacters,但这似乎仍然使那些字符保持不变。 Any methods already present, or anybody have a good regex that would handle this? 已经存在的任何方法,或者有人拥有可以处理此问题的正则表达式? Thanks! 谢谢!
4 个解决方案
解决方案1
1 已采纳 2009-12-15 15:32:16
如果您使用的是PHP> 5.2.0,则过滤器可能会有所帮助。
解决方案2
0 2009-12-15 15:12:42
that regex should work: 正则表达式应该起作用:
$text = preg_replace('/[¢©÷µ·¶±€£®§™¥]*/', '', $text); $ text = preg_replace('/ [¢©÷µ·¶±€£®§™¥] * /','',$ text);
you could also replace the items like this: 您还可以替换以下项目:
$bad = array('©','®'); $ bad = array('©','®'); $good = array('©', '®'); $ good = array('©','®');
$text = preg_replace($bad, $good, $text); $ text = preg_replace($ bad,$ good,$ text);
解决方案3
0 2009-12-15 15:19:15
Have you tried the htmlentities() function? 您是否尝试过htmlentities()函数? Try like this: 尝试这样:
$text = htmlentities($text);
There's some other optional parameters which you can check out at http://php.net/manual/en/function.htmlentities.php . 您还可以在http://php.net/manual/en/function.htmlentities.php上查看其他一些可选参数。 You might have to set the quote_style and charset ones, at the very least. 您可能至少需要设置quote_style和charset 。
解决方案4
0 2009-12-15 15:50:51
htmlentities() and htmlspecialchars() aren't going to work for you if you want to remove those characters completely, rather than just converting them to HTML entities. 如果您想完全删除那些字符,而不是仅仅将它们转换为HTML实体,则htmlentities()和htmlspecialchars()不会为您服务。
EDIT 编辑
I just noticed that at one point you said you want to preserve HTML entities. 我只是注意到您曾经说过要保留HTML实体。 If that's the case, use htmlentities() !! 如果是这样,请使用htmlentities() ! It will convert all those symbols into their html entity equivalent. 它将所有这些符号转换为等效的html实体。 If you echo it, you're still going to see the characters you tried to remove, but if you view the source, you'll see the &name; 如果回显它,您仍将看到尝试删除的字符,但是如果查看源,则将看到&name; formatted entity instead. 格式化实体。
You may need to use a regex for this, as sad as that is. 为此,您可能需要使用正则表达式。 Most PHP functions are trying to preserve those characters for you in one format or another. 大多数PHP函数都试图以一种或另一种格式为您保留这些字符。 It's surprising that they're isn't a function to remove them, that I know of at least! 令人惊讶的是,它们并不是删除它们的功能,至少我知道!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.