[프로그래밍] PHP 특정 테그만 막기

 

$allowedTags = ＇<h1><b><i><a><ul><li><pre><hr><blockquote><img><embed><font><br><p>＇;
$stripAttrib = ＇javascript:|onclick|ondblclick|onmousedown|onmouseup|onmouseover|＇.
      ＇onmousemove|onmouseout|onkeypress|onkeydown|onkeyup＇;

function removeEvilTags($source)
{
  global $allowedTags;
  $source = strip_tags($source, $allowedTags);
  return preg_replace(＇/<(.*?)>/ie＇, "＇<＇.removeEvilAttributes(＇\1＇).＇>＇", $source);
}

function removeEvilAttributes($tagSource)
{
  global $stripAttrib;
  return stripslashes(preg_replace("/$stripAttrib/i", ＇forbidden＇, $tagSource));
}