A small function for sanitizing incoming data

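function sanitize_text($filtered, $remove_breaks = false)
{
  if(strpos($filtered, '<') !== false)
  {
    // Remove <script> and <style> elements together with their contents
    // while the markup is still intact, then drop the remaining tags.
    $filtered = preg_replace( '@<(script|style)[^>]*?>.*?</\\1>@si', '', $filtered );
    $filtered = strip_tags( $filtered );
    // Escape last: if htmlspecialchars() ran first, every '<' would already
    // be '&lt;' and the two steps above would never match anything.
    // It also covers a '<' left before a newline, so no separate
    // "<\n" replacement is needed.
    $filtered = htmlspecialchars( $filtered, ENT_QUOTES );
  }

  // Optionally collapse line breaks, tabs and runs of spaces into one space.
  if($remove_breaks)
  {
    $filtered = preg_replace( '/[\r\n\t ]+/', ' ', $filtered );
  }

  $filtered = trim( $filtered );

  $found = false;

  // Remove percent-encoded octets (%3C, %0a, ...). Loop until none remain,
  // because deleting one can join its neighbours into a new one (%%3C3C).
  while ( preg_match( '/%[a-f0-9]{2}/i', $filtered, $match ) )
  {
    $filtered = str_replace( $match[0], '', $filtered );
    $found    = true;
  }

  // Removing octets can leave doubled spaces behind; tidy them up.
  if($found)
  {
    $filtered = trim( preg_replace( '/ +/', ' ', $filtered ) );
  }
  return $filtered;
}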

 


About the Author: Тупой прогер