版权属于:
小日志
作品采用:
《
署名-非商业性使用-相同方式共享 4.0 国际 (CC BY-NC-SA 4.0)
》许可协议授权
未命名文档
2021-04-03
<?php
/* 过滤短代码 */
require_once('short.php');
function _checkXSS($text)
{
$isXss = false;
$list = array(
'/onabort/is',
'/onblur/is',
'/onchange/is',
'/onclick/is',
'/ondblclick/is',
'/onerror/is',
'/onfocus/is',
'/onkeydown/is',
'/onkeypress/is',
'/onkeyup/is',
'/onload/is',
'/onmousedown/is',
'/onmousemove/is',
'/onmouseout/is',
'/onmouseover/is',
'/onmouseup/is',
'/onreset/is',
'/onresize/is',
'/onselect/is',
'/onsubmit/is',
'/onunload/is',
'/eval/is',
'/ascript:/is',
'/style=/is',
'/width=/is',
'/width:/is',
'/height=/is',
'/height:/is',
'/src=/is',
);
if (strip_tags($text)) {
for ($i = 0; $i < count($list); $i++) {
if (preg_match($list[$i], $text) > 0) {
$isXss = true;
break;
}
}
} else {
$isXss = true;
};
return $isXss;
}
/* 过滤评论回复 */
function _parseCommentReply($text)
{
if (_checkXSS($text)) {
echo "该回复疑似异常,已被系统拦截!";
} else {
$text = _parseReply($text);
echo preg_replace('/\{!\{([^\"]*)\}!\}/', '<img class="lazyload draw_image" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" data-src="$1" onerror="javascript: this.src=\'data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\';" alt="画图"/>', $text);
}
}我
| 表头 | 表头 | 表头 |
|---|---|---|
| 表格 | 表格 | 表格 |
| 表格 | 表格 | 表格 |
| 表格 | 表格 | 表格 |
都是