PHP防止JS注入正则
PHP防止JS注入正则
例子代码如下 | |
$a ="/<script[^>]*?>.*?</script>/si"; $keyword = preg_replace($a,' ',$_POST['searchword']); |
其它方法
代码如下 | |
<?php $title="<style>ssss{'float:right'}</style>"; $title = strip_tags($title); if(preg_match('/<style>(.*)</style>|<script>(.*)</script>|<img src=(.*)>/',$title,$info)){ $title=$info['1']; }else{ $title = $title; } echo $title; |