for the char $valueHtmlEncode = str_replace(">", '>', $valueHtmlEncode); //Revert html entities to chars for ($i=0;$i<33;$i++) { $valueHtmlEncode = str_ireplace("&#x".dechex($i).";",html_to_ascii(dechex($i)), $valueHtmlEncode); } return $valueHtmlEncode; } /** * Convert the $value encode in html entity to clear char string. This function * should be called always to "clean" HTML encoded data; to render to a text * plain ascii file, to render to console, or to put in any kind of data field * who doesn't make the HTML render by itself. * * @param mixed String or array of strings to be cleaned. * @param boolean $utf8 Flag, set the output encoding in utf8, by default true. * * @return unknown_type */ function safe_output_html($value, $utf8 = true) { if (is_numeric($value)) return $value; if (is_array($value)) { array_walk($value, "safe_output"); return $value; } //Replace the html entitie of ( for the char $value = str_replace("(", '(', $value); //Replace the html entitie of ) for the char $value = str_replace(")", ')', $value); //Replace the < $value = str_replace("<", "<", $value); //Replace the < $value = str_replace(">", ">", $value); //Revert html entities to chars for ($i=0;$i<33;$i++) { $value = str_ireplace("&#x".dechex($i).";",html_to_ascii(dechex($i)), $value); } return $value; } /** * Use to clean HTML entities when get_parameter or safe_input functions dont work * * @param string String to be cleaned * * @return string Cleaned string */ function salida_limpia ($string) { $quote_style = ENT_QUOTES; static $trans; if (! isset ($trans)) { $trans = get_html_translation_table (HTML_ENTITIES, $quote_style); foreach ($trans as $key => $value) $trans[$key] = '&#'.ord($key).';'; // dont translate the '&' in case it is part of &xxx; $trans[chr(38)] = '&'; } // after the initial translation, _do_ map standalone "&" into "&" return preg_replace ("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&", strtr ($string, $trans)); } /** * Cleans a string by encoding to UTF-8 and replacing the HTML * entities to their numeric counterparts (possibly double encoding) * * @param mixed String or array of strings to be cleaned. * * @return mixed The cleaned string or array. */ function safe_output_xml ($string) { if (is_numeric ($string)) return $string; if (is_array ($string)) { array_walk ($string, 'safe_output_xml'); return $string; } static $table; static $replace; if (empty ($table)) { $table = get_html_translation_table (HTML_ENTITIES, ENT_QUOTES); $replace = array (); foreach ($table as $key => $value){ $table[$key] = "/".$value."/"; $char = htmlentities ($key, ENT_QUOTES, "UTF-8"); $replace[$char] = "&#".ord ($key).";"; } } //now perform a replacement using preg_replace //each matched value in $table will be replaced with the corresponding value in $replace return preg_replace ($table, $replace, $string); } /** * Avoid magic_quotes protection * * @param string Text string to be stripped of magic_quotes protection */ function unsafe_string ($string) { if (get_magic_quotes_gpc ()) return stripslashes ($string); return $string; } ?>