php 恶意代码过滤函数
Public Function DecodeFilter(html, filter)
html=LCase(html)
filter=split(filter,",")
For Each i In filter
Select Case i
Case "SCRIPT" ' 去除所有客户端脚本javascipt,vbscript,jscript,js,vbs,event,...
html = exeRE("(javascript|jscript|vbscript|vbs):", "#", html)
html = exeRE("?script[^>]*>", "", html)
html = exeRE("on(mouse|exit|error|click|key)", "", html)
Case "TABLE": ' 去除表格html = exeRE("?table[^>]*>", "", html)
html = exeRE("?tr[^>]*>", "", html)
html = exeRE("?th[^>]*>", "", html)
html = exeRE("?td[^>]*>", "", html)
html = exeRE("?tbody[^>]*>", "", html)
Case "CLASS" ' 去除样式类class=""
html = exeRE("(]+) class=[^ |^>]*([^>]*>)", "$1 $2", html)
Case "STYLE" ' 去除样式style=""
html = exeRE("(]+) style=""[^""]*""([^>]*>)", "$1 $2", html)
html = exeRE("(]+) style='[^']*'([^>]*>)", "$1 $2", html)
Case "IMG" ' 去除样式style=""
html = exeRE("?img[^>]*>", "", html)
Case "XML" ' 去除XML
html = exeRE("]*>", "", html)
Case "NAMESPACE" ' 去除命名空间>>
html = exeRE("]*>", "", html)
Case "FONT" ' 去除字体
html = exeRE("?font[^>]*>", "", html)
html = exeRE("?a[^>]*>", "", html)
html = exeRE("?span[^>]*>", "", html)
html = exeRE("?br[^>]*>", "", html)
Case "MARQUEE" ' 去除字幕
html = exeRE("?marquee[^>]*>", "", html)
Case "OBJECT" ' 去除对象
html = exeRE("?object[^>]*>", "", html)
html = exeRE("?param[^>]*>", "", html)
'html = exeRE("?embed[^>]*>", "", html)
Case "EMBED"
html = exeRE("?embed[^>]*>", "", html)
Case "DIV" ' 去除对象
html = exeRE("?div([^>])*>", "$1", html)
html = exeRE("?p([^>])*>", "$1", html)
Case "ONLOAD" ' 去除样式style=""
html = exeRE("(]+) οnlοad=""[^""]*""([^>]*>)", "$1 $2", html)
html = exeRE("(]+) οnlοad='[^']*'([^>]*>)", "$1 $2", html)
Case "ONCLICK" ' 去除样式style=""
html = exeRE("(]+) οnclick=""[^""]*""([^>]*>)", "$1 $2", html)
html = exeRE("(]+) οnclick='[^']*'([^>]*>)", "$1 $2", html)
Case "ONDBCLICK" ' 去除样式style=""
html = exeRE("(]+) ondbclick=""[^""]*""([^>]*>)", "$1 $2", html)
html = exeRE("(]+) ondbclick='[^']*'([^>]*>)", "$1 $2", html)
End Select
Next
'html = Replace(html,"
'html = Replace(html,"
'html = Replace(html,"
DecodeFilter = html
End Function
http://www.bkjia.com/PHPjc/629754.htmlwww.bkjia.comtruehttp://www.bkjia.com/PHPjc/629754.htmlTechArticlephp 恶意代码过滤函数 Public Function DecodeFilter(html, filter) html=LCase(html) filter=split(filter,,) For Each i In filter Select Case i Case SCRIPT ' 去除所有客户端...
相关文章
相关视频
网友评论
文明上网理性发言,请遵守 新闻评论服务协议我要评论
立即提交
专题推荐
独孤九贱-php全栈开发教程
全栈 100W+
主讲:Peter-Zhu 轻松幽默、简短易学,非常适合PHP学习入门
玉女心经-web前端开发教程
入门 50W+
主讲:灭绝师太 由浅入深、明快简洁,非常适合前端学习入门
天龙八部-实战开发教程
实战 80W+
主讲:西门大官人 思路清晰、严谨规范,适合有一定web编程基础学习
php中文网:公益在线php培训,帮助PHP学习者快速成长!
Copyright 2014-2020 https://www.php.cn/ All Rights Reserved | 苏ICP备2020058653号-1
802
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
