I've been down the road of attempting to do this with regular expressions...
i'm no expert, but i work with people who are, and it was a nightmare....

given that the following are common/valid

href = 'something.php'
href = "something.php"

AND you'll have potentially MANY tags with MANY allowed attributes, it turns
into quite a complex regexp really quickly...

i decided that I should probably do it all with a parser, or even a
char-by-char analysis/state engine, but never got much further...

Justin French

on 22/11/02 1:38 AM, David Russell ([EMAIL PROTECTED]) wrote:

> Hi all,
> Following on from a previous discussion, I am trying to write a "safe"
> strip_tags function.
> I start by applying htmlentities to the entire string, and then convert
> "allowed" tags back.
> One of the steps I am looking at doing is to replace something "<a
> href="blah" onmouseover="blah"&gt;" with "<a href="blah">"
> What would be a good preg_replace string for this?
> Preg_replace('/(&lt;A)/i', '<a', $htmlstring);
> Except I need to keep the href="<anything>" as well as the closing >,
> but drop everything else.
> I will be googling on this too, but a reply from this group is always
> quicker <g>
> Thanks
> David Russell
> IT Support Manager
> Barloworld Optimus (Pty) Ltd
> Tel: +2711 444-7250
> Fax: +2711 444-7256
> web: www.BarloworldOptimus.com

Justin French
Web Developent & 
Graphic Design

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to