php xss攻撃防止簡易関数

776 ワード

詳細
function xss_clean ($var)
{
    $ra=array('/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/','/script/i','/javascript/i','/vbscript/i','/onload/i','/onunload/i','/onchange/i','/onsubmit/i','/onreset/i','/onselect/i','/onblur/i','/onfocus/i','/onabort/i','/onkeydown/i','/onkeypress/i','/onkeyup/i','/onclick/i','/ondblclick/i','/onmousedown/i','/onmousemove/i','/onmouseout/i','/onmouseover/i','/onmouseup/i','/onunload/i');
    $var = preg_replace($ra,'',$var);
   
    return htmlspecialchars($var,ENT_QUOTES);
}