<?php function _removeXSS($val) { $search = ‘abcdefghijklmnopqrstuvwxyz‘; $search .= ‘ABCDEFGHIJKLMNOPQRSTUVWXYZ‘; $search .= ‘[email protected]#$%^&*()‘; $search .= ‘~`";:?+/={}[]-_|\‘\\‘; for($i = 0; $i < strlen ( $search ); $i ++) { $val = preg_replace( ‘/(&#[xX]0{0,8}‘ . dechex(ord( $search [$i])) . ‘;?)/i‘, $search[$i], $val); $val = preg_replace( ‘/(�{0,8}‘ . ord($search[$i]) . ‘;?)/‘, $search[$i], $val); } $ra1 = array(‘javascript‘,‘vbscript‘,‘expression‘,‘applet‘,‘meta‘,‘xml‘,‘blink‘,‘link‘,‘style‘,‘script‘,‘embed‘,‘object‘,‘iframe‘,‘frame‘,‘frameset‘,‘ilayer‘,‘layer‘,‘bgsound‘,‘title‘,‘base‘ ); $ra2 = array(‘onabort‘,‘onactivate‘,‘onafterprint‘,‘onafterupdate‘,‘onbeforeactivate‘,‘onbeforecopy‘,‘onbeforecut‘,‘onbeforedeactivate‘,‘onbeforeeditfocus‘,‘onbeforepaste‘,‘onbeforeprint‘,‘onbeforeunload‘,‘onbeforeupdate‘,‘onblur‘,‘onbounce‘,‘oncellchange‘,‘onchange‘,‘onclick‘,‘oncontextmenu‘,‘oncontrolselect‘, ‘oncopy‘, ‘oncut‘,‘ondataavailable‘,‘ondatasetchanged‘,‘ondatasetcomplete‘,‘ondblclick‘,‘ondeactivate‘,‘ondrag‘,‘ondragend‘,‘ondragenter‘,‘ondragleave‘,‘ondragover‘,‘ondragstart‘,‘ondrop‘,‘onerror‘,‘onerrorupdate‘,‘onfilterchange‘,‘onfinish‘,‘onfocus‘,‘onfocusin‘,‘onfocusout‘,‘onhelp‘,‘onkeydown‘,‘onkeypress‘,‘onkeyup‘,‘onlayoutcomplete‘,‘onload‘,‘onlosecapture‘,‘onmousedown‘,‘onmouseenter‘,‘onmouseleave‘,‘onmousemove‘,‘onmouseout‘,‘onmouseover‘,‘onmouseup‘,‘onmousewheel‘,‘onmove‘,‘onmoveend‘,‘onmovestart‘,‘onpaste‘,‘onpropertychange‘,‘onreadystatechange‘,‘onreset‘,‘onresize‘,‘onresizeend‘,‘onresizestart‘,‘onrowenter‘,‘onrowexit‘,‘onrowsdelete‘,‘onrowsinserted‘,‘onscroll‘,‘onselect‘,‘onselectionchange‘,‘onselectstart‘,‘onstart‘,‘onstop‘,‘onsubmit‘, ‘onunload‘ ); $ra = array_merge($ra1, $ra2); $found = true; while ($found == true) { $valBefore = $val; for($i = 0; $i < sizeof ($ra); $i ++) { $pattern = ‘/‘; for($j = 0; $j < strlen($ra[$i]); $j ++) { if ($j > 0) { $pattern .= ‘(‘; $pattern .= ‘(&#[xX]0{0,8}([9ab]);)‘; $pattern .= ‘|‘; $pattern .= ‘|(�{0,8}([9|10|13]);)‘; $pattern .= ‘)*‘; } $pattern .= $ra[$i][$j]; } $pattern .= ‘/i‘; $replacement = substr($ra[$i], 0, 2) . ‘<x>‘ . substr($ra[$i], 2); $val = preg_replace($pattern, $replacement, $val); if ($valBefore == $val) { $found = false; } } } return $val; } echo _removeXSS ( "<ef10000><script language=‘javascript‘>alert(‘hello world‘);</script>" ); ?>
时间: 2024-10-12 18:17:25