用一个过滤器清理 [code] 标签外的内容,用另一个过滤器清理 [code] 标签内的内容
Sanitize content outside of [code] tags with one filter and content inside [code] tags with another filter
我正在尝试清理我页面上的评论,但我只想从 [code] [/code] 标签之外的内容中删除 html 标签等。
关于标签里面的内容,我只想用htmlspecialchars($data, ENT_QUOTES, 'UTF-8');上。
所以如果我有这样的评论:
<a>some text</a>
<a>some text</a>
[code]<p>some text</p>[/code]
<div>some text</div>
<div>some text</div>
[code]<p>some text</p>[/code]
<div>hfghgf</div>
<div>some text</div>
我的过滤器看起来像这样
function sanitize($data) {
$data = trim($data);
$data = strip_tags($data);
$data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
return $data;
}
我现在如何使用 sanitize() 函数过滤 [code] 标签之外的所有内容,然后仅对 [code] 标签内的内容使用 htmlspecialchars()。我还必须在一条评论中考虑多个 [code] 标签。
我想出了解决办法。如果其他人需要它,就在这里。
function sanitize($data) {
$data = trim($data);
$data = strip_tags($data);
$data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
return $data;
}
$data = preg_split('/(\[code\])|(\[\/code\])/i', $data, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY); // Split the array
foreach($data as $key => $value) {
if(($value === "[code]") || ($value === "[CODE]")) {
$data[$key] = $value.htmlspecialchars($data[$key+1],ENT_QUOTES, 'UTF-8').htmlspecialchars($data[$key+2], ENT_QUOTES, 'UTF-8'); // Set key with sanitized code block
unset($data[$key+1]); // Unset old key with content inside code tags
unset($data[$key+2]); // Unset old key with "[/code]"
}
}
$data = array_values($data); // Reorder the array
foreach($data as $key => $value) {
if(!preg_match("/\[code\][\s\S]*?\[\/code\]/i", $value)) {
$data[$key] = sanitize($value);
}
}
$data = implode(" ", $data);
对于您的示例输入,这似乎更直接一些:
代码:(Demo)
$data=<<<HTML
<a>some text</a>
<a>some text</a>
[code]<p>some text</p>[/code]
<div>some text</div>
<div>some text</div>
[code]<p>some text</p>[/code]
<div>hfghgf</div>
<div>some text</div>
HTML;
$data=strip_tags( // strip any residual tags from the string
preg_replace_callback(
'~\[code].*?\[/code]~is', // match [code]-wrapped substrings
function($m){
return htmlspecialchars($m[0],ENT_QUOTES,'UTF-8'); // convert html entities as intended
},
$data
)
);
var_export($data);
输出:
'some text
some text
[code]<p>some text</p>[/code]
some text
some text
[code]<p>some text</p>[/code]
hfghgf
some text'
我正在尝试清理我页面上的评论,但我只想从 [code] [/code] 标签之外的内容中删除 html 标签等。
关于标签里面的内容,我只想用htmlspecialchars($data, ENT_QUOTES, 'UTF-8');上。
所以如果我有这样的评论:
<a>some text</a>
<a>some text</a>
[code]<p>some text</p>[/code]
<div>some text</div>
<div>some text</div>
[code]<p>some text</p>[/code]
<div>hfghgf</div>
<div>some text</div>
我的过滤器看起来像这样
function sanitize($data) {
$data = trim($data);
$data = strip_tags($data);
$data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
return $data;
}
我现在如何使用 sanitize() 函数过滤 [code] 标签之外的所有内容,然后仅对 [code] 标签内的内容使用 htmlspecialchars()。我还必须在一条评论中考虑多个 [code] 标签。
我想出了解决办法。如果其他人需要它,就在这里。
function sanitize($data) {
$data = trim($data);
$data = strip_tags($data);
$data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
return $data;
}
$data = preg_split('/(\[code\])|(\[\/code\])/i', $data, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY); // Split the array
foreach($data as $key => $value) {
if(($value === "[code]") || ($value === "[CODE]")) {
$data[$key] = $value.htmlspecialchars($data[$key+1],ENT_QUOTES, 'UTF-8').htmlspecialchars($data[$key+2], ENT_QUOTES, 'UTF-8'); // Set key with sanitized code block
unset($data[$key+1]); // Unset old key with content inside code tags
unset($data[$key+2]); // Unset old key with "[/code]"
}
}
$data = array_values($data); // Reorder the array
foreach($data as $key => $value) {
if(!preg_match("/\[code\][\s\S]*?\[\/code\]/i", $value)) {
$data[$key] = sanitize($value);
}
}
$data = implode(" ", $data);
对于您的示例输入,这似乎更直接一些:
代码:(Demo)
$data=<<<HTML
<a>some text</a>
<a>some text</a>
[code]<p>some text</p>[/code]
<div>some text</div>
<div>some text</div>
[code]<p>some text</p>[/code]
<div>hfghgf</div>
<div>some text</div>
HTML;
$data=strip_tags( // strip any residual tags from the string
preg_replace_callback(
'~\[code].*?\[/code]~is', // match [code]-wrapped substrings
function($m){
return htmlspecialchars($m[0],ENT_QUOTES,'UTF-8'); // convert html entities as intended
},
$data
)
);
var_export($data);
输出:
'some text
some text
[code]<p>some text</p>[/code]
some text
some text
[code]<p>some text</p>[/code]
hfghgf
some text'