File: example2-source.php

Role: Example script
Content type: text/plain
Description: Uses config object with get() and set() methods and array configurations (could be fast for .ini configs)
Class: Antz_TagFilter
Strip malicious tags from HTML documents
Author: By
Last change:
Date: 4 years ago
Size: 2,193 bytes
 

Contents

<?php

###############   COPYLEFT GPLv3 LICENSE   ###############
##
## Copyright 2009 GPLv3 - http://www.opensource.org/licenses/gpl-3.0.html
##
## Anthony Gallon
## oi_antz@hotmail.com
##
## Permission is hereby granted to any person having a copy of this software
## to freely use and modify as required so long as the copyright notices
## and branding remain intact.
##
###############   COPYLEFT GPLv3 LICENSE   ###############

// Normalise the script directory to forward slashes, then load phpQuery and the filter class.
$dirname = str_replace(DIRECTORY_SEPARATOR, '/', dirname(__FILE__));
require_once($dirname.'/classes/PHPQuery/phpQuery.php');
require_once($dirname.'/classes/Antz/TagFilter.php');


$FILTER = new Antz_TagFilter;
$FILTER_CONFIG = new Antz_TagFilter_Config();

// Each option is set by name on the config object; list values are plain arrays.
$FILTER_CONFIG->set('attributeWhitelist', array('p', 'a', 'img', 'script'));
$FILTER_CONFIG->set('attributeBlacklist', array('onmouseover'));
$FILTER_CONFIG->set('tagnameWhitelist', array('p', 'a', 'img', 'script'));
$FILTER_CONFIG->set('tagnameBlacklist', array('style'));
$FILTER_CONFIG->set('explicitWhitelist', array());
// explicitBlacklist entries are tag => attribute pairs.
$FILTER_CONFIG->set('explicitBlacklist', array(array(
    'script' => 'src',
    'iframe' => 'src'
)));
$FILTER_CONFIG->set('attributeWhitelist', array('p', 'a', 'img', 'script'));
$FILTER_CONFIG->set('attributeWhitelist', array('p', 'a', 'img', 'script'));
$FILTER_CONFIG->set('attributeWhitelist', array('p', 'a', 'img', 'script'));

$FILTER->setConfig($FILTER_CONFIG);

$code = <<<CODE
Some text to start...
<script type="text/javascript" src="malicious.example.com" />
<style type="text/css">
body{
    background-color: red;
    border: solid green 3px;
}
</style>
<div>
<iframe src="malicious.example.com" style="width: 0; height: 0; position: absolute; left: -1px; top: -1px;" />
</div>
<img src="malicious.example.com" />
<p class="bold yellow" name="restricted">This is some content in a paragraph</p>
<p><a href="hello.txt" onmouseover="javascript:$.getJSON(malicious.example.com)">Click here!</a></p>
And text to end :)
CODE;

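// Show the unfiltered input, escaped so the browser displays it as text.
echo '<h2>Original code</h2><pre>'.htmlentities($code).'</pre><hr />';

// Run the configured filter over the sample markup.
$code = $FILTER->process($code);

// Show the filtered result, escaped the same way.
echo '<h2>Filtered code</h2><pre>'.htmlentities($code).'</pre><hr />';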