Login   Register  
PHP Classes
elePHPant
Icontem

File: example3-source.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Anthony Gallon  >  Antz_TagFilter  >  example3-source.php  >  Download  
File: example3-source.php
Role: Example script
Content type: text/plain
Description: Uses config object in natural OOP style
Class: Antz_TagFilter
Strip malicious tags from HTML documents
Author: By
Last change: Add PHP tag
Date: 4 years ago
Size: 1,609 bytes
 

Contents

Class file image Download
<?php

###############   COPYLEFT GPLv3 LICENSE   ###############
##
## Copyright 2009 GPLv3 - http://www.opensource.org/licenses/gpl-3.0.html
##
## Anthony Gallon
## oi_antz@hotmail.com
##
## Permission is hereby granted to any person having a copy of this software
## to freely use and modify as required so long as the copyright notices
## and branding remain intact.
##
###############   COPYLEFT GPLv3 LICENSE   ###############

$FILTER = new Antz_TagFilter;
$FILTER_CONFIG = new Antz_TagFilter_Config();

$FILTER_CONFIG->allowTags('p');
$FILTER_CONFIG->allowTags(array('a''img''script''div'));
$FILTER_CONFIG->allowAttributes(array('style''src'));
$FILTER_CONFIG->denyTags(array('script'));
$FILTER_CONFIG->denyExplicit('script''src');

$FILTER->setConfig($FILTER_CONFIG);

$code = <<<CODE
Some text to start...
<script type="text/javascript" src="malicious.example.com" />
<style type="text/css">
body{
    background-color: red;
    border: solid green 3px;
}
</style>
<div style="border: solid 1px red">
<iframe src="malicious.example.com" style="width: 0; height: 0; position: absolute; left: -1px; top: -1px;" />
</div>
<img src="malicious.example.com" />
<p class="bold yellow" name="restricted">This is some content in a paragraph</p>
<p><a href="hello.txt" onmouseover="javascript:$.getJSON(malicious.example.com)">Click here!</a></p>
And text to end :)
CODE;

echo 
'<h2>Original code</h2><pre>'.htmlentities($code).'</pre><hr />';

$code $FILTER->process($code);

echo 
'<h2>Filtered code</h2><pre>'.htmlentities($code).'</pre><hr />';