PHP防止JS注入正则

PHP防止JS注入正则

例子
代码如下

$a ="/<script[^>]*?>.*?</script>/si";

$keyword = preg_replace($a,' ',$_POST['searchword']);

其它方法

代码如下

<?php

$title="<style>ssss{'float:right'}</style>";

$title = strip_tags($title);

if(preg_match('/<style>(.*)</style>|<script>(.*)</script>|<img src=(.*)>/',$title,$info)){

$title=$info['1'];

}else{

$title = $title;

}

echo $title;