PHP防止DOM注入脚本,过滤文本中的SCRIPT标签
public function scriptReplace($string){
$preg = "/<script[\s\S]*?<\/script>/i";
return preg_replace($preg,"",$string,-1);
}
posted on 2016-05-31 18:20 lianruihong 阅读(880) 评论(0) 编辑 收藏 举报