i am trying to covert HTML to entities using PHP, but i need to except <br> and <a> tags.
here's an example of my code
<?php
$string[0] = "<a href='http://hidd3n.tk'>Needs to stay</a> Filler text in between
<br><br> <script src='http://malicious.com/'></script> NEEDS to go";
$string[1] = htmlentities($string[0], ENT_QUOTES, "UTF-8");
?>
我建议您使用BBCode ,这样会更安全。
EDIT:
Okay i have worked out a way.
Take this function rather safe than previous one:
function convert_myhtml_entities($string){
$string = htmlentities($string, ENT_NOQUOTES, "UTF-8");
$string = preg_replace('/<\s*br\s*(\/|)\s*>/U','<br$1>',$string);
$string = preg_replace('/<\s*a(.*)\s*>/U','<a$1>',$string);
$string = preg_replace('/<\s*\/\s*a\s*>/U','</a>',$string);
return $string;
}
now it is the tested with the string above.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.