From eb9f569b1c92f8ac653a011836281323c3403d22 Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@bluestatic.org>
Date: Mon, 20 Dec 2004 01:35:45 +0000
Subject: [PATCH] r4: Historical checkin for functions_cleanhtml.php (removed
 later).

---
 includes/functions_cleanhtml.php | 78 ++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 includes/functions_cleanhtml.php

diff --git a/includes/functions_cleanhtml.php b/includes/functions_cleanhtml.php
new file mode 100644
index 0000000..483b5bd
--- /dev/null
+++ b/includes/functions_cleanhtml.php
@@ -0,0 +1,78 @@
+<?php
+/*=====================================================================*\
+|| ################################################################### ||
+|| # [#]app[#] [#]version[#]
+|| # --------------------------------------------------------------- # ||
+|| # All parts of this file are ©2003-[#]year[#] Iris Studios, Inc. No     # || 
+|| # part of this file may be reproduced in any way: part or whole.  # ||
+|| # --------------------------------------------------------------- # ||
+|| # ©2003 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com   # ||
+|| ################################################################### ||
+\*=====================================================================*/
+
+// ###################### Start process_raw_html #####################
+// this cleans out all of the unsafe HTML tags
+function process_raw_html($text)
+{
+	// remove big scripts
+	$text = preg_replace('#<script(.*?)script>#isU', '', $text);
+	
+	// clean tags
+	$tagarray = array('img', 'a', 'strong', 'b', 'em', 'i', 'u', 's', 'br', 'p');
+	foreach ($tagarray AS $tag)
+	{
+		$goodtags .= '<' . $tag . '>';
+	}
+	
+	// remove js attributes
+	$text = preg_replace('#href=("|\'|&quot;)javascript:(.*?)\\1#i', 'href="&#106;&#97;"', $text);
+	
+	$text = strip_tags($text, $goodtags);
+	return $text;
+}
+
+// ##################### Start process_safe_html #####################
+// this removes any attempts to use <a href="javascript:"> type things
+function process_safe_html($text)
+{
+	//$text = preg_replace('#javascript#i', 'java&nbsp;script', $text);
+	$text = preg_replace('#</?(table|form|tr|td|tbody|thead) ?(.*?)?>#isU', '', $text);
+	return $text;
+}
+
+// ###################### Start process_all_html #####################
+// say goodbye to anything in a tag
+function process_all_html($text)
+{
+	$text = preg_replace('#</?(.+?)>#', '', $text);
+	$text = strip_tags($text);
+	return $text;
+}
+
+// ##################### Start process_post_html #####################
+function process_post_html($text, $allowraw = 0, $allowsafe = 1)
+{
+	if ($allowraw)
+	{
+		return $text;
+	}
+	if ($allowsafe)
+	{
+		$text = process_raw_html($text);
+		return $text;
+	}
+	if (!$allow AND !$allowsafe)
+	{
+		$text = process_raw_html($text);
+		$text = process_all_html($text);
+		return $text;
+	}
+}
+
+/*=====================================================================*\
+|| ###################################################################
+|| # $HeadURL$
+|| # $Id$
+|| ###################################################################
+\*=====================================================================*/
+?>
\ No newline at end of file
-- 
2.43.5