45 |
return $str; |
return $str; |
46 |
} |
} |
47 |
|
|
48 |
function MyEscape($str, $full = true) { |
function MyEscape($str, $full = false) { |
49 |
|
if ($full) { |
50 |
|
$str = str_replace("&", "&", $str); |
51 |
|
$str = str_replace("<", "<", $str); |
52 |
|
$str = str_replace(">", ">", $str); |
53 |
|
} |
54 |
$allowed = array("", "A", "B", "I", "U", "UL", "OL", "LI", "TABLE", "TR", "TH", "TD", "HR", "SUP", "SUB"); |
$allowed = array("", "A", "B", "I", "U", "UL", "OL", "LI", "TABLE", "TR", "TH", "TD", "HR", "SUP", "SUB"); |
55 |
$str = preg_replace('/(^[ ]+|[ ]+$)/m', '', $str); |
$str = preg_replace('/(^[ ]+|[ ]+$)/m', '', $str); |
56 |
$str = preg_replace('/(\<\/?\s*(\w+)\\b[^\>]*\>)/e', 'array_search(MyUpper("\2"),'. |
$str = preg_replace('/(\<\/?\s*(\w+)\\b[^\>]*\>)/e', 'array_search(MyUpper("\2"),'. |
57 |
'\$allowed,false)?"\1":HTMLSpecialChars("\1")', $str); |
'\$allowed,false)?"\1":HTMLSpecialChars("\1")', $str); |
58 |
$str = preg_replace('/(\<\s*A\b)/i', '\\1 target=_blank class=more', $str); |
$str = preg_replace('/(\<\s*A\b)/i', '\\1 target=_blank class=more', $str); |
59 |
|
$str = preg_replace('/(target=_blank class=[^ ]+)( target=_blank class=[^ ]+)+/', '\\1', $str); |
60 |
$str = preg_replace('/(\<\s*TABLE\b)/i', '\\1 class=normal', $str); |
$str = preg_replace('/(\<\s*TABLE\b)/i', '\\1 class=normal', $str); |
61 |
$str = preg_replace('/(class=[^ ]+)( class=[^ ]+)+/', '\\1', $str); |
$str = preg_replace('/(class=[^ ]+)( class=[^ ]+)+/', '\\1', $str); |
62 |
$str = my_replace($str, "<TABLE", "/TABLE>"); |
$str = my_replace($str, "<TABLE", "/TABLE>"); |
104 |
# If a number, don't touch it |
# If a number, don't touch it |
105 |
if (strcmp(intval($str)."", $str."") == 0) return $str; |
if (strcmp(intval($str)."", $str."") == 0) return $str; |
106 |
|
|
107 |
# Replace "``" and "''" with """ (normal ASCII double quote) |
# Replace "``", "''", "<<" and ">>" with """ (normal ASCII double quote) |
108 |
$str = str_replace("", '"', $str); |
$str = str_replace("", '"', $str); |
109 |
$str = str_replace("", '"', $str); |
$str = str_replace("", '"', $str); |
110 |
|
$str = str_replace("", '"', $str); |
111 |
|
$str = str_replace("", '"', $str); |
112 |
# Replace "-" with "-" |
# Replace "-" with "-" |
113 |
$str = str_replace("", '-', $str); |
$str = str_replace("", '-', $str); |
114 |
# Replace character references ("&...;" and "&#...;") with its value |
# Replace character references ("&...;" and "&#...;") with its value |