1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
| //---------------------------------------------------
//------ replace and clan functions ------//
//---------------------------------------------------
function makeSafe($Str)
{
$Str = preg_replace( "#(\?|&|&)(PHPSESSID|s|S)=([0-9a-zA-Z]){32}#e", "", $Str );
$Str = str_replace(array("&","<",">"),array("&amp;","&lt;","&gt;",),$Str);
$Str = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU',"$1>",$Str);
$Str = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU',"$1>",$Str);
if(version_compare(phpversion(),"5.0.0", "<")){
$Str = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu',"$1>",$Str);
$Str = preg_replace('#(&\#*\w+)[\x00-\x20]+;#u',"$1;",$Str);
$Str = preg_replace('#(&\#x*)([0-9A-F]+);*#iu',"$1$2;",$Str);
$Str = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iUu',"$1>",$Str);
$Str = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2nojavascript...',$Str);
$Str = preg_replace('#([a-z]*)[\x00-\x20]*=([\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2novbscript...',$Str);
}
$Str = preg_replace('#</*\w+:\w[^>]*>#i',"",$Str);
do {
$oldstring = $Str;
$string = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i',"",$Str);
} while ($oldstring != $Str);
return $Str;
} |
Partager