function kses($string, $allowed_html, $allowed_protocols = array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto')) { $string = CKses::kses_no_null($string); $string = CKses::kses_js_entities($string); $string = CKses::kses_normalize_entities($string); $string = CKses::kses_hook($string); $allowed_html_fixed = CKses::kses_array_lc($allowed_html); return CKses::kses_split($string, $allowed_html_fixed, $allowed_protocols); }
static function kses($string, $allowed_html, $allowed_protocols = array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto')) { $string = CKses::kses_no_null($string); $string = CKses::kses_js_entities($string); $string = CKses::kses_normalize_entities($string); $string = CKses::kses_hook($string); $allowed_html_fixed = CKses::kses_array_lc($allowed_html); /* @since 2.6, replace the checking with the regex below */ $string = preg_replace('#<(/*\\s*)(alert|applet|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|layer|link|meta|object|plaintext|style|script|textarea|title|xml|xss)([^>]*)>#is', "<\\1\\2\\3>", $string); return $string; //return CKses::kses_split($string, $allowed_html_fixed, $allowed_protocols); }