1.strip_tags(剥去字符串中的 HTML 标签)
strip_tags() 函数剥去字符串中的 HTML、XML 以及 PHP 的标签。注意:它只删除标签,不会对引号等特殊字符做转义,因此不能单独作为防 XSS 的手段;输出到 HTML 时仍应使用 htmlspecialchars()。
2.字符串替换
str_replace(array(" "," ","\t","\r\n","\r","\n"),array("","","","","",""),$str)
3.利用正则表达式(效率稍微低一些)
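// Regex-based clean-up of $str: each statement feeds its result into the next.
//
// NOTE(review): this is a deny-list. It removes or rewrites the constructs it
// names and nothing else, so it should not be the only XSS control. Encode at
// output time with htmlspecialchars($str, ENT_QUOTES, 'UTF-8'); if some markup
// must survive, use a maintained allow-list sanitizer instead of these patterns.
//
// NOTE(review): preg_replace() returns null on failure (for example when the
// PCRE backtrack limit is hit on a large input). Because the result is assigned
// straight back to $str, a failure silently empties the text for every later
// step. Check for null where losing the content matters.

$str = preg_replace("/\s+/", "", $str); // removes every run of whitespace (spaces and tabs too, not only line breaks)
$str = preg_replace("/<[ ]+/si", "<", $str); // "<" followed by spaces -> "<" (finds nothing once the step above has run)
$str = preg_replace("/<!--.*?-->/si", "", $str); // HTML comments ("!" restored; comments start with "<!--")
$str = preg_replace("/<(!.*?)>/si", "", $str); // DOCTYPE and other "<!...>" declarations ("!" restored to match the stated intent)
$str = preg_replace("/<(\/?html.*?)>/si", "", $str); // html tags
$str = preg_replace("/<(\/?head.*?)>/si", "", $str); // head tags
$str = preg_replace("/<(\/?meta.*?)>/si", "", $str); // meta tags
$str = preg_replace("/<(\/?body.*?)>/si", "", $str); // body tags
$str = preg_replace("/<(\/?link.*?)>/si", "", $str); // link tags
$str = preg_replace("/<(\/?form.*?)>/si", "", $str); // form tags
$str = preg_replace("/cookie/si", "COOKIE", $str); // upper-cases the word "cookie" wherever it occurs, including in ordinary text

$str = preg_replace("/<(applet.*?)>(.*?)<(\/applet.*?)>/si", "", $str); // applet element with its content
$str = preg_replace("/<(\/?applet.*?)>/si", "", $str); // leftover applet tags

$str = preg_replace("/<(style.*?)>(.*?)<(\/style.*?)>/si", "", $str); // style element with its content
$str = preg_replace("/<(\/?style.*?)>/si", "", $str); // leftover style tags

$str = preg_replace("/<(title.*?)>(.*?)<(\/title.*?)>/si", "", $str); // title element with its content
$str = preg_replace("/<(\/?title.*?)>/si", "", $str); // leftover title tags

$str = preg_replace("/<(object.*?)>(.*?)<(\/object.*?)>/si", "", $str); // object element with its content
$str = preg_replace("/<(\/?objec.*?)>/si", "", $str); // leftover object tags ("objec" is as published; it still matches "object")

$str = preg_replace("/<(noframes.*?)>(.*?)<(\/noframes.*?)>/si", "", $str); // noframes element with its content
$str = preg_replace("/<(\/?noframes.*?)>/si", "", $str); // leftover noframes tags

$str = preg_replace("/<(i?frame.*?)>(.*?)<(\/i?frame.*?)>/si", "", $str); // frame / iframe element with its content
$str = preg_replace("/<(\/?i?frame.*?)>/si", "", $str); // leftover frame / iframe tags

$str = preg_replace("/<(script.*?)>(.*?)<(\/script.*?)>/si", "", $str); // script element with its content
$str = preg_replace("/<(\/?script.*?)>/si", "", $str); // leftover script tags

// NOTE(review): the next three steps only change letter case. URL schemes and
// HTML attribute names are case-insensitive, so the rewritten text means the
// same thing to a browser. Treat these steps as cosmetic, not as a defence.
$str = preg_replace("/javascript/si", "Javascript", $str); // rewrites "javascript" in any case to "Javascript"
$str = preg_replace("/vbscript/si", "Vbscript", $str); // rewrites "vbscript" in any case to "Vbscript"
$str = preg_replace("/on([a-z]+)\s*=/si", "On\\1=", $str); // rewrites on<name>= to On<name>= (back-reference \1 keeps the name)

// NOTE(review): as published the replacement equals the match, so this step
// changes nothing. The original comment says it targets encoded forms of
// "javascript:", so it was presumably meant to break numeric character
// references; the intended replacement cannot be recovered from the page.
$str = preg_replace("/&#/si", "&#", $str);

// Catch-all: removes anything of the form <...>. It also makes the per-tag
// "leftover" steps above redundant, and it deletes plain text that happens to
// sit between a "<" and a later ">".
$str = preg_replace("/<(\/?.*?)>/si", "", $str);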
转载来自https://www.cnblogs.com/jinrenming/p/5128082.html
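// Removes anything of the form <...> from $this->content (most HTML tags).
// NOTE(review): this strips markup but does not encode the remaining text;
// escape with htmlspecialchars() when rendering. preg_replace() returns null on
// failure, which would blank the property here, so check for null if that matters.
$this->content = preg_replace("/<(\/?.*?)>/si", "", $this->content);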