function html2securehtml($textfield) { $textfield = preg_replace("/>/", ">", $textfield); $textfield = preg_replace("/</", "<", $textfield); # <br> $textfield = preg_replace("/<br>/", "<br>", $textfield); # <a></a> $textfield = allowTag("a", $textfield); # <b></b> $textfield = allowTag("b", $textfield); # <i></i> $textfield = allowTag("i", $textfield); # <u></u> $textfield = allowTag("u", $textfield); # <h[1-6]></h[1-6]> $textfield = allowTag("h[1-6]", $textfield); # <p></p> $textfield = allowTag("p", $textfield); # <nobr></nobr> $textfield = allowTag("nobr", $textfield); #<pre></pre> $textfield = allowTag("pre", $textfield); # <ul></ul> $textfield = allowTag("ul", $textfield); # <li></li> $textfield = allowTag("li", $textfield); # <ol></ol> $textfield = allowTag("ol", $textfield); # <span></span> $textfield = allowTag("span", $textfield); # <div></div> $textfield = allowTag("div", $textfield); # <blockquote></blockquote> $textfield = allowTag("blockquote", $textfield); # <font></font> $textfield = allowTag("font", $textfield); return $textfield; }
function processText($s) { $s = str_replace(array('&', '<', '>', "\\'", '\\"'), array('&', '<', '>', "'", '"'), $s); $s = allowTag($s); $s = allowTag1($s); return $s; }