/**
* Nettoie du code HTML
*
* @param string $html the html string
*
* @return string the cleaned html
*/
static function sanitizeHTML($html)
{
//check if html is present
if (!preg_match("/<html/", $html)) {
$html = '<html><head><title>E-mail</title></head><body>' . $html . '</body></html>';
}
//=>XML
$html = CMbString::convertHTMLToXMLEntities($html);
//load & repair dom
$document = new CMbXMLDocument();
$document->preserveWhiteSpace = false;
@$document->loadHTML($html);
//remove scripts tag
$xpath = new DOMXpath($document);
$filter = array("//script", "//meta", "//applet", "//iframe");
//some dangerous
foreach ($filter as $_filter) {
$elements = $xpath->query($_filter);
foreach ($elements as $_element) {
$_element->parentNode->removeChild($_element);
}
}
$html = $document->saveHTML();
//Cleanup after save
$html = preg_replace("/<!DOCTYPE(.*?)>/", '', $html);
$html = preg_replace("/\\/\\/>/mu", "/>", $html);
$html = preg_replace("/nowrap/", '', $html);
$html = preg_replace("/<[b|h]r([^>]*)>/", "<br \$1/>", $html);
$html = preg_replace("/<img([^>]+)>/", "<img\$1/>", $html);
return $html;
}
