forked from extern/egroupware
8f797be836
- can be used via html class like:
$clean_html = html::purify($html);
- using it now in eTemplate to remove malicious code from html:
a) when displaying "formatted text"
b) when "formatted text" get's input by the user
24 lines
545 B
PHP
Executable File
24 lines
545 B
PHP
Executable File
<?php
|
|
|
|
/**
|
|
* @file
|
|
* Defines a function wrapper for HTML Purifier for quick use.
|
|
* @note ''HTMLPurifier()'' is NOT the same as ''new HTMLPurifier()''
|
|
*/
|
|
|
|
/**
|
|
* Purify HTML.
|
|
* @param $html String HTML to purify
|
|
* @param $config Configuration to use, can be any value accepted by
|
|
* HTMLPurifier_Config::create()
|
|
*/
|
|
function HTMLPurifier($html, $config = null) {
|
|
static $purifier = false;
|
|
if (!$purifier) {
|
|
$purifier = new HTMLPurifier();
|
|
}
|
|
return $purifier->purify($html, $config);
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|