Filter.class.php :
1 <?php
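/**
 * Static string-cleaning helpers.
 *
 * SECURITY NOTE: filterSpecial(), filterHtml(), filterString() and
 * filterContent() are deny-list filters that strip fragments with regular
 * expressions. They make one pass per pattern, in list order, and deleting a
 * fragment can leave the surrounding characters forming text the filter was
 * meant to block. Treat their output as still untrusted: use prepared
 * statements with bound parameters for SQL, escape output for the context it
 * is rendered in (e.g. htmlspecialchars() for HTML), and prefer allow-list
 * validation of the expected format.
 */
class Filter
{
    /**
     * Convert newlines to HTML line breaks (thin wrapper around PHP's nl2br()).
     *
     * @param string $string Text to convert.
     * @return string
     */
    public static function nl2br($string)
    {
        return nl2br($string);
    }

    /**
     * Convert HTML line breaks to "\n".
     *
     * Matches <br>, <br/> and <br /> in any letter case, so the "<br />"
     * form produced by nl2br() is covered as well.
     *
     * @param string $string Text to convert.
     * @return string
     */
    public static function br2nl($string)
    {
        return preg_replace('/<br\s*\/?>/i', "\n", $string);
    }

    /**
     * Collapse each run of consecutive whitespace to a single character.
     *
     * Every whitespace character that is followed by another one is removed,
     * so the last character of the run is the one that survives.
     *
     * @param string $string Text to convert.
     * @return string|null Null if the PCRE call fails.
     */
    public static function mergeSpaces($string)
    {
        // The pattern has no capture group, so the replacement is simply empty.
        return preg_replace('/\s(?=\s)/', '', $string);
    }

    /**
     * Strip the given characters from the start and the end of a string.
     *
     * $char_list is placed inside a regex character class. The characters
     * ^ - ] and \ are escaped first, and a doubled backslash in $char_list is
     * then turned back into a single one, which is how the default value ends
     * up as the class \s (whitespace).
     *
     * @param string $string    Text to trim.
     * @param string $char_list Characters to strip; defaults to whitespace.
     * @return string|null Null if the PCRE call fails.
     */
    public static function trim($string, $char_list = '\\\\s')
    {
        // An empty list would build the invalid class "[]"; nothing to strip.
        if ($char_list === '') {
            return $string;
        }

        $chars = preg_replace(
            array('/[\^\-\]\\\]/S', '/\\\{4}/S', '/\//'),
            array('\\\\\\0', '\\', '\/'),
            $char_list
        );

        // The trailing alternative must be anchored with "$"; without it the
        // character class matches (and removes) those characters everywhere.
        $pattern = '^[' . $chars . ']*|[' . $chars . ']*$';

        return preg_replace("/$pattern/sSD", '', $string);
    }

    /**
     * Remove <script> blocks and all whitespace, and replace the ASCII
     * apostrophe with the typographic one (U+2019).
     *
     * Deny-list filter: see the class-level security note.
     *
     * @param string $string Text to filter.
     * @return string|null Null if the PCRE call fails.
     */
    public static function filterSpecial($string)
    {
        $search = array(
            "'<script[^>]*?>.*?</script>'si", // strip <script> blocks
            "'([\r\n\s])'",                   // strip whitespace characters
            "'(\')'",                         // ASCII ' becomes U+2019
        );

        $replace = array("", "", "’");

        return preg_replace($search, $replace, $string);
    }

    /**
     * Remove <script> blocks, HTML tags and all whitespace, and replace the
     * ASCII apostrophe with the typographic one (U+2019).
     *
     * Deny-list filter: see the class-level security note. For HTML output
     * use context-aware escaping rather than relying on tag stripping.
     *
     * @param string $string Content to filter.
     * @return string|null Null if the PCRE call fails.
     */
    public static function filterHtml($string)
    {
        $search = array(
            "'<script[^>]*?>.*?</script>'si", // strip <script> blocks
            "'<[\/\!]*?[^<>]*?>'si",          // strip HTML tags
            "'([\r\n\s])'",                   // strip whitespace characters
            "'(\')'",                         // ASCII ' becomes U+2019
        );

        $replace = array("", "", "", "’");

        return preg_replace($search, $replace, $string);
    }

    /**
     * Strip markup, whitespace, quotes, angle brackets, backslashes and a
     * fixed list of SQL/command fragments from a string.
     *
     * Fragments are removed case-insensitively wherever they occur, including
     * inside ordinary words ("Reset" becomes "Re"), so legitimate input is
     * altered too.
     *
     * Deny-list filter: see the class-level security note. This is not a
     * substitute for bound query parameters.
     *
     * @param string $string Text to filter.
     * @return string|null Null if the PCRE call fails.
     */
    public static function filterString($string)
    {
        // Patterns are applied one after another in this order.
        $search = array(
            "'<script[^>]*?>.*?</script>'si",
            "'<[\/\!]*?[^<>]*?>'si",
            "'[\r\n]|[\s]+'",
            "'&(lt|#60);'i",
            "'\''",
            "'&(gt|#62);'i",
            "'[<]|[>]'",
            "'delete'i",
            "'update'i",
            "'sele'i",
            "'insert'i",
            "'into'i",
            "'where'i",
            "'set'i",
            "'from'i",
            "'script'i",
            "'value'i",
            "'exe'i",
            "'localgroup'i",
            "'chr'i",
            "'truncate'i",
            "'sysobjects'i",
            "'syscolumns'i",
            "'master'i",
            "'/add'i",
            "'cmdshell'i",
            "'drop'i",
            "'\\\'",
        );

        // Every match is deleted.
        return preg_replace($search, '', $string);
    }

    /**
     * Strip <script> blocks, quotes, encoded angle brackets, backslashes and a
     * fixed list of SQL/command fragments, keeping other markup and
     * whitespace.
     *
     * Deny-list filter: see the class-level security note. Other HTML tags
     * and attributes pass through unchanged, so the result is not safe to
     * render as HTML without further sanitising or escaping.
     *
     * @param string $string Content to filter.
     * @return string|null Null if the PCRE call fails.
     */
    public static function filterContent($string)
    {
        // Patterns are applied one after another in this order.
        $search = array(
            "'<script[^>]*?>.*?</script>'si", // strip <script> blocks
            "'\''",
            "'&(lt|#60);'i",
            "'&(gt|#62);'i",
            "'delete'i",
            "'update'i",
            "'into'i",
            "'where'i",
            "'set'i",
            "'sele'i",
            "'insert'i",
            "'from'i",
            "'value'i",
            "'exe'i",
            "'localgroup'i",
            "'chr'i",
            "'truncate'i",
            "'sysobjects'i",
            "'syscolumns'i",
            "'master'i",
            "'/add'i",
            "'cmdshell'i",
            "'drop'i",
            "'\\\'",
        );

        // Every match is deleted.
        return preg_replace($search, '', $string);
    }

    /**
     * Remove opening and closing tags whose name starts with "span" or "div"
     * from editor output; the text between the tags is kept.
     *
     * All other markup is left untouched, so this is a formatting clean-up,
     * not a sanitiser.
     *
     * @param string $string Editor content.
     * @return string|null Null if the PCRE call fails.
     */
    public static function filterEditor($string)
    {
        $search = array(
            "'<[\/\!]*?span[^<>]*?>'si", // strip span tags
            "'<[\/\!]*?div[^<>]*?>'si",  // strip div tags
        );

        return preg_replace($search, '', $string);
    }
}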
177 ?>
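// Calling the filter from a PHP page.
pc_base::load_app_class('Filter', 'user');
// $_REQUEST is untrusted and a parameter may arrive as an array, so only
// string values are filtered. The filtered value must still be passed to SQL
// as a bound parameter and escaped on output.
$wxid = (!empty($_REQUEST['wxid']) && is_string($_REQUEST['wxid']))
    ? Filter::filterString($_REQUEST['wxid'])
    : '';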