Your Ad Here

advanced code snippet search

Posted By

fackz on 03/26/09


Tagged

data injection sanitize


Versions (?)

Who likes this?

5 people have marked this snippet as a favorite

jfherring
nmakarov
fackz
rombob
vali29


Clean Input

 / Published in: PHP
 

Stripping out malicious code

Expand | Embed | Plain Text 
  1. <?php
  2. function cleanInput($input) {
  3.  
  4. $search = array(
  5.     '@<script[^>]*?>.*?</script>@si',   // Strip out javascript
  6.     '@<[\/\!]*?[^<>]*?>@si',            // Strip out HTML tags
  7.     '@<style[^>]*?>.*?</style>@siU',    // Strip style tags properly
  8.     '@<![\s\S]*?--[ \t\n\r]*>@'         // Strip multi-line comments
  9. );
  10.  
  11.     $output = preg_replace($search, '', $input);
  12.     return $output;
  13. }
  14. ?>

Report this snippet  

Comments

RSS Icon Subscribe to comments
Posted By: MMDeveloper on March 27, 2009

the strip_tags() function will achieve the same

You need to login to post a comment.