5 public static function htmlparse($data)
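9 if the function finds anything unsafe, it will return
10 FALSE and save the reason in the global variable $htmlparse. Note: the attribute checks visible in this listing are substring matches against the lowercased input, so passing them means no listed pattern was found, not that the markup was parsed and shown to be safe.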
15 $data = StrToLower(" ".$data);
17 // tags, I don't need to close
18 $unpaired = Array('br'=>1,
19 'br/'=>1, // fix later ;)
28 $allowed = Array('b'=>1,
54 'br/'=>1, // fix later
78 this part will go through the string and check whether all tags are closed
81 $tok = StrTok($data, '<');
83 while(!($tok === FALSE)){
84 if(!StrStr($tok,'>')):
85 $htmlparse = 'Chyba HTML syntaxe!';
86 //$htmlparse = 'Wrong HTML syntax!';
88 elseif(StrStr($tok,"<")):
89 $htmlparse = 'Chyba HTML syntaxe!';
90 //$htmlparse = 'Wrong HTML syntax!';
97 main part of the function - it will check allowed tags, some parameters and so on...
100 $tok = StrTok($data, '<');
103 while(!($tok === FALSE)):
105 $tag = Split('>',$tok,2);
106 $attrib = Split("[[:space:]>]",$tag[0],2);
107 if($allowed[$attrib[0]] != 1 && $allowed[SubStr($attrib[0],1)] != 1): // if tag isn't in allowed array
108 $htmlparse = 'Zakazany tag <'.$attrib[0].'>!';
109 //$htmlparse = 'Forbidden tag <'.$attrib[0].'>!';
112 if('/'.$tags[$j] == $attrib[0]): // closing tag for last opening tag
113 if($tags[$j] == 'table' && $opened_tables > 0):
117 elseif($tags[$j] == 'xmp'): // XMP tag...ignore any other tags between them
119 if(SubStr($attrib[0],0,1) == '/' && $unpaired[$tags[$j]]): // do I need to close the tag?
122 elseif(SubStr($attrib[0],0,1) == '/'): // am I closing something, I didn't open?
123 $htmlparse = 'Chyba u tagu <'.$tag[0].'>! Zavirate tag, ktery jste neotevrel!';
124 //$htmlparse = 'Error near tag <'.$tag[0].'>! Closing tag, that wasn't opened!';
126 elseif(Ereg(' on',' '.$attrib[1])): // temporary solution for permanent problem...and it isn't suicide
127 $htmlparse = 'JavaScript je na hovno!';
128 //$htmlparse = 'JavaScript sux!';
130 elseif(Ereg('/on',' '.$attrib[1])): // temporary solution for permanent problem...and it isn't suicide
131 $htmlparse = 'z bezpecnostnych dovodov nieje povolene vkladat do tagov retazec "/on"';
136 elseif(Ereg(' style',' '.$attrib[1])): // styles are forbidden - don't look at me THAT way ;)
137 $htmlparse = 'Ten "style" se mi tam nezda!';
138 //$htmlparse = '"styles" are forbidden!';
141 elseif(Ereg('://',' '.$attrib[1]) && $attrib[0] != "img" && $attrib[0] != "a"): // addresses in attributes (except A and IMG tags) are forbidden
142 $htmlparse = 'Neco se mi tam nelibi! To je hlaska HTML validace - nejedna se o nejakou cenzuru ;)';
143 //$htmlparse = 'Forbidden usage of adresses in tags!';
145 elseif((SubStr_Count($attrib[1],'"')%2) > 0): // are quotes closed? can do mess if they aren't
146 $htmlparse = 'Neuzavrel jste uvozovky uvnitr tagu <'.$attrib[0].'>!';
147 //$htmlparse = 'Close quotes in tag <'.$tag[0].'>!';
149 elseif(Ereg('\?',$attrib[1]) && $attrib[0] == 'img'): // don't allow parameters in IMG tags
150 $htmlparse = 'Chyba u tagu <img> - nejsou povoleny parametry v adrese!';
151 //$htmlparse = 'Error in tag <img> - parameters in image adresses are forbidden!';
153 elseif(($attrib[0] == 'td' || $attrib[0] == 'tr') && $opened_tables == 0):
154 $htmlparse = 'Strkej si ty tagy do vlastni tabulky, jo?';
156 elseif($attrib[0] == 'table'):
160 $tags[$j] = $attrib[0];
168 just check, if all tags are properly closed
172 if($unpaired[$tags[$j]]):
176 $htmlparse = 'Neuzavrel jste tag <'.$tags[$j].'>!';
177 //$htmlparse = 'Tag <'.$tags[$j].'> wasn't closed correctly!';