Answer the question
In order to leave comments, you need to log in
S
S
Svyatoslav Nemato2016-09-02 21:19:09
Svyatoslav Nemato, 2016-09-02 21:19:09
How to remove everything superfluous from the text, and leave only the tags?
In addition to the usual <script>Вредоносный код</script>
, Users can stuff things like this <div onclick="Вредоносный код"></div>
. How to remove everything unnecessary from the test (js, flash, something else that can harm the user) and allow tags with styles to be left in the test
. Example:
<h1>Заголовок</h1>
<div style="color:#ffffff;border: 1px solid #b6c2c9;background: #b6c2c9;">Текст</div>
<b style="color:#000000;"><i>Подпись</i></b> 1 answer(s)
@muhammad_97
https://habrahabr.ru/company/smartprogress/blog/202188htmlpurifier.org
UPD
https://github.com/imangazaliev/didom
M
Muhammad, 2016-09-02 @muhammad_97
strip_tags
<?php
$text = '<p>Параграф.</p><!-- Комментарий --> <a href="#fragment">Еще текст</a>';
// Разрешаем <p> и <a>
echo strip_tags($text, '<p><a>');https://habrahabr.ru/company/smartprogress/blog/202188htmlpurifier.org
UPD
https://github.com/imangazaliev/didom
foreach($document->find('*[onclick]') as $element) {
$element->removeAttribute('onclick');
}
Similar questions
S
S
E
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question