/** * Use the HTML checker to remove any possible XSS attacks (eg, <script> tags) * * @param array $data * @return array */ function purify($data) { require_once DIR_FS_PRONTO . DS . 'extlib' . DS . 'safehtml' . DS . 'safehtml.php'; foreach ($data as $k => $v) { if (is_array($v)) { // PHP4 doesn't like self::purify() $data[$k] = Model::purify($v); } else { if (class_exists('safehtml')) { $purifier = new safehtml(); $data[$k] = $purifier->parse($v); } } } return $data; }