Eliminar código Javascript malicioso con expresiones regulares en php

ventics.com| Publicado el: 10/04/2011

function limpiarTags($source, $tags = null)
{
function clean($matched)
{
$attribs =
"javascript:|onclick|ondblclick|onmousedown|onmouseup|onmouseover|".
"onmousemove|onmouseout|onkeypress|onkeydown|onkeyup|".
"onload|class|id|src|style";

$quot = "\"|\'|\`";
$stripAttrib = "' ($attribs)\s*=\s*($quot)(.*?)(\\2)'i";
$clean = stripslashes($matched [0] );
$clean = preg_replace($stripAttrib, '', $clean);
return $clean;
}

$allowedTags='<a> <li><ol><ul>';
$clean = strip_tags($source,…

Leer artículo completo →