Knightnet Site Design - Standard HTML routines

The "websafe" function ensures that user input is safe. and the "email" function does just that while ensuring that the default address is NEVER published to the web.

<?php # HTML related functions # ------------------------------------------------------------------------- # Author: J.Knight, May 2003, All rights reserved # Please contact the author via http://www.knightnet.org.uk/contacting.htm # if you wish to use these functions # Version: 1.0, 9/Jun/2003 # ------------------------------------------------------------------------- // ------------------------------------------------------------------------ # Function to ensure only SAFE HTML is allowed in a text field # Parameters: # $text=Text to translate (truncates to 64kB) # $altTags=Allow simple alternative markup: [b], [url], etc. # $safeTags=Filter out all HTML tags except those marked as safe # if set to false, allow NO HTML at all # $transBr=Translate newlines to tags # $trim=Max num of chars to accept (truncates after this) default=64kB # All of the translations can be used together # NOTE that if $safeTags=FALSE, the text will have ALL html special # chars converted to entities for added safety - happens early on // ------------------------------------------------------------------------ function webSafe($text,$safeTags=TRUE,$altTags=TRUE,$transBr=TRUE,$trim=65536) { # Allow for blank string without error if (strlen($text)==0) return; # Truncate text as required if (strlen($text)>$trim) $text=substr($text, 0, $trim).'...'; # --- OPTIONAL - Web safe tags --- if ($safeTags) { $html_tags = "a|b|i|u|p|div|span|h1|h2|h3|h4|h5|ol|ul|li|blockquote|hr|table|th|tr|td|tbody|em|strong|font"; $text=preg_replace("'(<)+(/?.+>?)'i", "<$2", $text); $text=preg_replace("'(<)+(/?\b($html_tags){1}\b>?)'i", "<$2", $text); } else { # remove ALL tags (and escape anything missed) $text=htmlspecialchars($text, ENT_QUOTES); } # --- OPTIONAL - Alt simple web tags --- if ($altTags) { $patt=array( '/(\[b\])(.*?)(\[[bB]\])/s', # bold [b] '/(\[B\])(.*?)(\[[Bb]\])/s', # bolder [B] '/(\[u\])(.*?)(\[u\])/is', # underlined [u] '/(\[i\])(.*?)(\[i\])/is', # italic [i] '/(\[s\])(.*?)(\[s\])/is', # strikethrough [s] '/(\[p\])(.*?)(\[[pP]\])/s', # Para (compact) [p] '/(\[P\])(.*?)(\[[Pp]\])/s', # Para [P] '/(\[e\])(.*?)(\[e\])/is', # List entry [e] '/(\[\*\])(.*?)(\[\*\])/is', # Unordered list [*] '/(\[o\])(.*?)(\[o\])/is', # Ordered list [o] '/(\[d\])(.*?)(\[d\])/is', # Table Cell [d] '/(\[r\])(.*?)(\[r\])/is', # Table Row [r] '/\[t\](.*?)\[t\]/is', # Table (with border) [t] '/\[t0\](.*?)\[t0\]/is', # Table (NO border) [t0] '/(\[L\])(.*?)(\[\:\])(.*?)(\[L\])/is', # URL Link (complex) w/ text [L] '/(\[\#(.*?)\])(.*?)(\[#\])/is', # Foreground colour [#rrggbb] '/(\[\!(.*?)\])(.*?)(\[!\])/is', # Background colour [&rrggbb] '/\[H([12345]{1,1})\](.*?)\[H[12345]{1,1}\]/is', # Headings (1-5) [h1] etc '/\[(R|H)\]/is', # Horizontal Rule (Line) [r] or [h] - no closing tag '/\[N\]/is', # New Line [n] - no closing tag '/(\[)(.*?)(.php|.htm|.html)*(\])/s', # Simple URL link [url] - no closing tag '', # simple image link - no closing tag ); $repl=array( # Array of replacements for safe tags '$2', '$2', '$2', '$2', '$2', '$2', '$2', '<li>$2</li>', '<ul>$2</ul>', '<ol>$2</ol>', '<td>$2</td>', '<tr>$2</tr>', '<table cellpadding="0" cellspacing="0" border="1">$1</table>', '<table cellpadding="0" cellspacing="0" border="0">$1</table>', '<a href="$2">$4</a>', '$3', '$3', '<h$1>$2</h$1>', '<hr />', ' ', '<a href="$2$3">$2</a>', '', ); $text=preg_replace($patt,$repl,$text); } # --- OPTIONAL - remove all CRLF's, etc & replace with br tags --- if ($transBr) { # 1st leave us with only \n (win browsers & most win text editors are fine with this) $text=str_replace("\r\n","\n",$text); # get rid of CRs (in windows files) $text=str_replace("\r","\n",$text); # get rid of CRs (in mac files) $text=str_replace("\n"," \n",$text); } # --- --- --- return $text; } // -------------------------------------------------------------- // -------------------------------------------------------------- # Quick function to send an email # Used for forms based email, adds extra headers to cope with # broken email servers/clients & anti-spam tools // -------------------------------------------------------------- // NOTE: DEFAULT ADDRESS REMOVED FOR SECURITY, PLEASE ADD YOUR OWN instead of the "xxxxxx" // -------------------------------------------------------------- function eMail($fromname, $fromaddr, $subject, $body, $priority=3, $qhtml=FALSE, $toname='Knightnet Form Mail', $toaddr='xxxxxx') { $headers ="MIME-Version: 1.0\n" ; if ($qhtml) $headers.="Content-Type: text/html; charset=iso-8859-1\n"; else $headers.="Content-type: text/plain; charset=iso-8859-1\n"; $headers.="Reply-To: $fromname <$fromaddr>\n"; $headers.="X-Sender: $fromname <$fromaddr>\n"; $headers.="X-Mailer: Knightnet Form Mail v1.0\n"; $headers.="X-Priority: $priority\n"; if ($priority>3) $headers.="X-MSMail-Priority: High\n"; elseif ($priority<3) $headers.="X-MSMail-Priority: Low\n"; else $headers.="X-MSMail-Priority: Normal\n"; $headers.="Return-Path: <$fromaddr>\n"; # Add my domain if none specified if (!strstr($toaddr,'@')) $toaddr.='xxxxxxx'; # return TRUE/FALSE return @mail("$toname <$toaddr>", $subject, $body, $headers); } // -------------------------------------------------------------- ?>

	Knightnet Site Design - Standard HTML routines You are in section: Home > Site Design > Template Files Site Map \| Site Search
	This is an include file containing some standard HTML functions. The "websafe" function ensures that user input is safe. and the "email" function does just that while ensuring that the default address is NEVER published to the web. <?php # HTML related functions # ------------------------------------------------------------------------- # Author: J.Knight, May 2003, All rights reserved # Please contact the author via http://www.knightnet.org.uk/contacting.htm # if you wish to use these functions # Version: 1.0, 9/Jun/2003 # ------------------------------------------------------------------------- // ------------------------------------------------------------------------ # Function to ensure only SAFE HTML is allowed in a text field # Parameters: # $text=Text to translate (truncates to 64kB) # $altTags=Allow simple alternative markup: [b], [url], etc. # $safeTags=Filter out all HTML tags except those marked as safe # if set to false, allow NO HTML at all # $transBr=Translate newlines to <br> tags # $trim=Max num of chars to accept (truncates after this) default=64kB # All of the translations can be used together # NOTE that if $safeTags=FALSE, the text will have ALL html special # chars converted to entities for added safety - happens early on // ------------------------------------------------------------------------ function webSafe($text,$safeTags=TRUE,$altTags=TRUE,$transBr=TRUE,$trim=65536) { # Allow for blank string without error if (strlen($text)==0) return; # Truncate text as required if (strlen($text)>$trim) $text=substr($text, 0, $trim).'...'; # --- OPTIONAL - Web safe tags --- if ($safeTags) { $html_tags = "a\|b\|i\|u\|p\|div\|span\|h1\|h2\|h3\|h4\|h5\|ol\|ul\|li\|blockquote\|hr\|table\|th\|tr\|td\|tbody\|em\|strong\|font"; $text=preg_replace("'(<)+(/?.+>?)'i", "<$2", $text); $text=preg_replace("'(<)+(/?\b($html_tags){1}\b>?)'i", "<$2", $text); } else { # remove ALL tags (and escape anything missed) $text=htmlspecialchars($text, ENT_QUOTES); } # --- OPTIONAL - Alt simple web tags --- if ($altTags) { $patt=array( '/(\[b\])(.?)(\[[bB]\])/s', # bold [b] '/(\[B\])(.?)(\[[Bb]\])/s', # bolder [B] '/(\[u\])(.?)(\[u\])/is', # underlined [u] '/(\[i\])(.?)(\[i\])/is', # italic [i] '/(\[s\])(.?)(\[s\])/is', # strikethrough [s] '/(\[p\])(.?)(\[[pP]\])/s', # Para (compact) [p] '/(\[P\])(.?)(\[[Pp]\])/s', # Para [P] '/(\[e\])(.?)(\[e\])/is', # List entry [e] '/(\[\\])(.?)(\[\\])/is', # Unordered list [] '/(\[o\])(.?)(\[o\])/is', # Ordered list [o] '/(\[d\])(.?)(\[d\])/is', # Table Cell [d] '/(\[r\])(.?)(\[r\])/is', # Table Row [r] '/\[t\](.?)\[t\]/is', # Table (with border) [t] '/\[t0\](.?)\[t0\]/is', # Table (NO border) [t0] '/(\[L\])(.?)(\[\:\])(.?)(\[L\])/is', # URL Link (complex) w/ text [L] '/(\[\#(.?)\])(.?)(\[#\])/is', # Foreground colour [#rrggbb] '/(\[\!(.?)\])(.?)(\[!\])/is', # Background colour [&rrggbb] '/\[H([12345]{1,1})\](.?)\[H[12345]{1,1}\]/is', # Headings (1-5) [h1] etc '/\[(R\|H)\]/is', # Horizontal Rule (Line) [r] or [h] - no closing tag '/\[N\]/is', # New Line [n] - no closing tag '/(\[)(.?)(.php\|.htm\|.html)(\])/s', # Simple URL link [url] - no closing tag '', # simple image link - no closing tag ); $repl=array( # Array of replacements for safe tags '<b>$2</b>', '<b class="font-weight: bolder">$2</b>', '<u>$2</u>', '<i>$2</i>', '<span style="text-decoration:line-through">$2</span>', '<p class="compact">$2</p>', '<p>$2</p>', '<li>$2</li>', '<ul>$2</ul>', '<ol>$2</ol>', '<td>$2</td>', '<tr>$2</tr>', '<table cellpadding="0" cellspacing="0" border="1">$1</table>', '<table cellpadding="0" cellspacing="0" border="0">$1</table>', '<a href="$2">$4</a>', '<span style="color:#$2">$3</span>', '<span style="background-color:#$2">$3</span>', '<h$1>$2</h$1>', '<hr />', '<br />', '<a href="$2$3">$2</a>', '', ); $text=preg_replace($patt,$repl,$text); } # --- OPTIONAL - remove all CRLF's, etc & replace with br tags --- if ($transBr) { # 1st leave us with only \n (win browsers & most win text editors are fine with this) $text=str_replace("\r\n","\n",$text); # get rid of CRs (in windows files) $text=str_replace("\r","\n",$text); # get rid of CRs (in mac files) $text=str_replace("\n","<br />\n",$text); } # --- --- --- return $text; } // -------------------------------------------------------------- // -------------------------------------------------------------- # Quick function to send an email # Used for forms based email, adds extra headers to cope with # broken email servers/clients & anti-spam tools // -------------------------------------------------------------- // NOTE: DEFAULT ADDRESS REMOVED FOR SECURITY, PLEASE ADD YOUR OWN instead of the "xxxxxx" // -------------------------------------------------------------- function eMail($fromname, $fromaddr, $subject, $body, $priority=3, $qhtml=FALSE, $toname='Knightnet Form Mail', $toaddr='xxxxxx') { $headers ="MIME-Version: 1.0\n" ; if ($qhtml) $headers.="Content-Type: text/html; charset=iso-8859-1\n"; else $headers.="Content-type: text/plain; charset=iso-8859-1\n"; $headers.="Reply-To: $fromname <$fromaddr>\n"; $headers.="X-Sender: $fromname <$fromaddr>\n"; $headers.="X-Mailer: Knightnet Form Mail v1.0\n"; $headers.="X-Priority: $priority\n"; if ($priority>3) $headers.="X-MSMail-Priority: High\n"; elseif ($priority<3) $headers.="X-MSMail-Priority: Low\n"; else $headers.="X-MSMail-Priority: Normal\n"; $headers.="Return-Path: <$fromaddr>\n"; # Add my domain if none specified if (!strstr($toaddr,'@')) $toaddr.='xxxxxxx'; # return TRUE/FALSE return @mail("$toname <$toaddr>", $subject, $body, $headers); } // -------------------------------------------------------------- ?> Top of page
Pages: Automenu.class.inc Db Mysql.inc Debug.inc Default Css Html.inc Template.class.inc Template.class.initvars.inc
	© Copyright Julian Knight, July 2008 All rights reserved. Page: Updated 2008-07-10 08:50:07, Author Julian Knight

Knightnet Site Design - Standard HTML routines

Pages: