Best way to sanitize content with PHP?
Which is the best way to "sanitize" content? An example...
Example - Before sanitize:
Morbi mollis ante vitae massa suscipit a tempus est pellentesque. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nulla mattis iaculis consectetur.
Morbi mollis ante vitae est pellentesque. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nulla mattis iaculis consectetur.
Example - After sanitize:
<p>Morbi mollis ante vitae massa suscipit a tempus est pellentesque. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. 开发者_StackOverflow社区Nulla mattis iaculis consectetur.</p>
<p>Morbi mollis ante vitae est pellentesque. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nulla mattis iaculis consectetur.</p>
What it should do
- It should add p-tags instead of line break like.
- It should remove empty space like tripple spaces
- It should remove double line breaks.
- It should remove tabs.
- It should remove line breaks and spaces before the content if any.
- It should remove line breaks and spaces after the content if any.
Right know I use the str_replace
function and it should be a better solution for this?
I want the function to look like this:
function sanitize($content)
{
// Do the magic!
return $content;
}
- It should add p-tags instead of line break like.
Run it through something like the Textile interpreter, or Markdown, or any another humane markup language which suits your needs.
- It should remove empty space like tripple spaces
- It should remove double line breaks.
- It should remove tabs.
- It should remove line breaks and spaces before the content if any.
- It should remove line breaks and spaces after the content if any.
Why bother? When HTML is rendered as a document, multiple white space characters are reduced to a single space, no? Most of your problems solve themselves.
function sanitize($content) {
// leading white space
$content = preg_replace('!^\s+!m', '', $content);
// trailing white space
$content = preg_replace('![ \t]+$!m', '', $content);
// tabs and multiple white space
$content = preg_replace('![ \t]+!', ' ', $content);
// multiple newlines
$content = preg_replace('![\r\n]+!', "\n", $content);
// paragraphs
$content = preg_replace('!(.+)!m', '<p>$1</p>', $content);
// done
return $content;
}
Example:
$s = <<<END
Morbi mollis ante vitae massa suscipit a tempus est pellentesque. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nulla mattis iaculis consectetur.
Morbi mollis ante vitae est pellentesque. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nulla mattis iaculis consectetur.
END;
$out = sanitize($s);
Output:
<p>Morbi mollis ante vitae massa suscipit a tempus est pellentesque. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nulla mattis iaculis consectetur.</p>
<p>Morbi mollis ante vitae est pellentesque. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Nulla mattis iaculis consectetur.</p>
Take a look at Sanitize class of CakePHP.
Tidy!!
There is a pretty outdated article on zend, but check out the example they give:
http://devzone.zend.com/article/761
精彩评论