PHP Classes

File: example1-source.php

Recommend this page to a friend!
  Classes of Anthony Gallon   Antz_TagFilter   example1-source.php   Download  
File: example1-source.php
Role: Example script
Content type: text/plain
Description: Example for basic use
Class: Antz_TagFilter
Strip malicious tags from HTML documents
Author: By
Last change: Typo
Date: 14 years ago
Size: 2,084 bytes
 

Contents

Class file image Download
<?php
############### COPYLEFT GPLv3 LICENSE ###############
##
## Example.php
## Tag Filter - strip html tags and attributes by blacklist and whitelist
##
## Copyright 2009 GPLv3 - http://www.opensource.org/licenses/gpl-3.0.html
##
## Anthony Gallon
## oi_antz@hotmail.com
##
## Permission is hereby granted to any person having a copy of this software
## to freely use and modify as required so long as the copyright notices
## and branding remain intact.
##
############### COPYLEFT GPLv3 LICENSE ###############

$dirname = str_replace(DIRECTORY_SEPARATOR, '/', dirname(__FILE__));
require_once(
$dirname.'/classes/PHPQuery/phpQuery.php');
require_once(
$dirname.'/classes/Antz/TagFilter.php');

$FILTER = new Antz_TagFilter;
$allowTags = array('p', 'a', 'img', 'script');
$denyTags = array('style');
$allowAtts = array('class', 'href', 'src', 'name');
$denyAtts = array('onmouseover');
$explicitDenyAtts = array(
    array(
'script' => 'src', 'iframe' => 'src')
);
$explicitAllowAtts = array();

$FILTER->setTagnameWhitelist($allowTags);
$FILTER->setAttributeWhitelist($allowAtts);
$FILTER->setTagnameBlacklist($denyTags);
$FILTER->setAttributeBlacklist($denyAtts);
$FILTER->setExplicitWhitelist($explicitAllowAtts);
$FILTER->setExplicitBlacklist($explicitDenyAtts);

$code = <<<CODE
Some text to start...
<script type="text/javascript" src="malicious.example.com" />
<style type="text/css">
body{
    background-color: red;
    border: solid green 3px;
}
</style>
<div>
<iframe src="malicious.example.com" style="width: 0; height: 0; position: absolute; left: -1px; top: -1px;" />
</div>
<img src="malicious.example.com" />
<p class="bold yellow" name="restricted">This is some content in a paragraph</p>
<p><a href="hello.txt" onmouseover="javascript:$.getJSON(malicious.example.com)">Click here!</a></p>
And text to end :)
CODE;
   
echo
'<h2>Original code</h2><pre>'.htmlentities($code).'</pre><hr />';

$code = $FILTER->process($code);

echo
'<h2>Filtered code</h2><pre>'.htmlentities($code).'</pre><hr />';