<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title></title>
<meta name="generator" content="tsWebEditor (tswebeditor.net.tc - www.tswebeditor.tk)" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?php
    // Load the sanitizer class that ships alongside this sample.
    require_once dirname(__FILE__) . '/sanitizer.class.php';

    // Fixture: one harmless paragraph followed by markup a sanitizer is
    // expected to neutralise -- an inline <script>, a javascript: URL in an
    // href, an inline onclick handler, and javascript: URLs in img src and
    // img dynsrc. This is a small demo set, not an exhaustive XSS corpus, so
    // a clean result here does not by itself prove the sanitizer is complete.
    $sample = implode('', array(
        '<p>Hello</p><script type="text/javascript">alert("plop !")</script>',
        '<a href="javascript:alert(\'plop !\')">click me!</a>',
        '<a href="" onclick="alert(\'plop !\');return false;">click me too !</a>',
        '<img src="javascript:alert(\'xss\')" />',
        '<img dynsrc="javascript:alert(\'xss\')" />'
    ));

    // Section 1: the untouched fixture. Every dump on this page goes through
    // htmlspecialchars(), so the browser shows the markup as text instead of
    // interpreting it -- that escaping, not the sanitizer, keeps this page inert.
    echo '<h1>Original code</h1>', "\n",
         '<pre>', htmlspecialchars( $sample ), '</pre>', "\n";

    // Section 2: a freshly constructed sanitizer, no options changed.
    echo '<h1>Default sanitizer options</h1>', "\n";
    $sanitizer = new HTML_Sanitizer;
    echo '<pre>', htmlspecialchars( $sanitizer->sanitize( $sample ) ), '</pre>', "\n";

    // Section 3: the same instance is reused, so both relaxations below are
    // active together for this run. Judging by their names and the heading,
    // allowScript() and allowDOMEvents() let <script> and on* handlers through
    // -- confirm in sanitizer.class.php. They are shown for comparison only;
    // leave them off when the input is not fully trusted.
    echo '<h1>Allow some dangerous tags</h1>', "\n";
    $sanitizer->allowScript();
    $sanitizer->allowDOMEvents();
    echo '<pre>', htmlspecialchars( $sanitizer->sanitize( $sample ) ), '</pre>', "\n";
?>
</body>
</html>