使用strip_tags函数

时间:2011-10-23 01:57:01

标签: php strip-tags

我想在这个问题前加上我是学生的事实,这是我的第一个PHP课程。所以,以下问题可能有点新手......

好的,所以这个程序的目的是让我通过正则表达式过滤表单中的结果,同时清理文本区域内容......

到目前为止,除了strip_tags位之外,一切正常。我将其设置为允许标记<b><p>,当我在文本区域中输入常规文本时,它会完美返回。如果我输入<b>lucky</b>之类的内容,则返回的所有内容均为“b”。

我会发布我的代码。如果有人能帮助我,我会喜欢它。在这一点上,我非常沮丧。我已经研究了我的讲师提供的示例(我的几乎完全相同),我已经浏览了PHP.net手册,从我看到它应该工作......

工作代码位于http://www.lampbusters.com/~beckalyce/prog3b.php

<?php

if ( $_SERVER['REQUEST_METHOD'] == 'GET' )
{
    echo <<<STARTHTML
        <div class="content"><h1>Site Sign Up</h1>
        <h3>Enter Information</h3>
        <hr />
        <form method="post" action="$_SERVER[PHP_SELF]">
        <p>Full Name: <input type="text" name="fullName" size="30" /></p>
        <p>Password: <input type="password" name="password" size="30" maxlength="12" /></p>
        <p>Email: <input type="text" name="email" size="30"/></p>
        <p>Tell us about yourself:<br />
        <textarea name="aboutYou" rows="5" cols="40"></textarea><br />
        <input type="submit" name="submitted" value="submit" />&nbsp;<input type="reset" /></p>
        </form></div>
STARTHTML;

}
elseif ( $_SERVER['REQUEST_METHOD'] == 'POST')
{

    $errors = array();

    $dirtyName = $_POST['fullName'];
    $filterName = '/(\w+ ?){1,4}/';
    if (preg_match($filterName, $dirtyName, $matchName))
    {
        $cleanedName = ucwords(strtolower(trim(strip_tags(stripslashes($matchName[0])))));
    }
    else
    {
        $errors[] = "Enter a valid name. <br />";
    }

    $dirtyPass = $_POST['password'];
    $filterPass = '/[a-zA-Z0-91@#$%^&*]{8,12}/';
    if (preg_match($filterPass, $dirtyPass, $matchPass))
    {
        $cleanedPass = $matchPass[0];
    }
    else
    {
        $errors[] = "Enter a valid password. <br />";
    }

    $dirtyEmail = $_POST['email'];
    $filterEmail = '/^(?:\w+[.+-_]?){1,4}(?:\w+)@(?:\w+\.){1,3}\w{2,4}/';
    if (preg_match($filterEmail, $dirtyEmail, $matchEmail))
    {
        $cleanedEmail = $matchEmail[0];
    }
    else
    {
        $errors[] = "Enter a valid email address. <br />";
    }

    $dirtyText = $_POST['aboutYou'];
    $filterText = '/((\w+)[ ."\'?!,-]{0,3})+/';
    if (preg_match($filterText, $dirtyText, $matchText))
    {
        $validText = $matchText[0];
        $ignore = '<b><p>';
        $notags = strip_tags($validText,$ignore);
        $cleanedText = preg_replace('/fuck|shit|ass|bitch|android/i',"*****",$notags);
    }
    else
    {
        $errors[] = "Enter information about yourself. <br />";
    }

    if (count($errors) == 0)
    {
        echo <<<STARTHTML2
            <div class="content"><h1>Site Sign Up</h1>
            <h3>Verify your information</h3>
            <hr />
            Name: <span class="choices"> $cleanedName <br /></span>
            Password: <span class="choices">$cleanedPass <br /></span>
            Email: <span class="choices">$cleanedEmail <br /></span>
            About you: <span class="choices">$cleanedText <br /></span>
STARTHTML2;

    }
    else
    {
        echo "<div class=\"content\">Please correct the following errors:<br />\n";
        $errnum = 1;
        foreach ($errors as $inderr)
        {
            echo "$errnum. $inderr";
            $errnum++;
        }
    }
    echo '<br /><a href="prog3.php">Back to Form</a>';
    echo '</div>';
    echo '<p style="text-align: center">' . date('l, F d, Y') . '</p>';
}
?>

1 个答案:

答案 0 :(得分:0)

看起来你的正则表达式不允许&lt;和&gt;字符,如果它是为了匹配整个文本,它应该以^开头并以$结尾,否则它只会匹配输入的一小部分,因为它可以根据可能发生在在提供<b>TextHere

时,只需在$ match [0]中返回'b'即可