Allow links in htmlspecialchars

Question

It is necessary to allow links in htmlspecialchars, but not all, but starting with /, for example, /upload/1.png

There is a function

$pureHTML = htmlspecialchars($text, ENT_NOQUOTES); preg_match_all('/(&lt;\s*a)\s*(\w+="[\w:\/@#%_\-&\.]+")\s*(&gt;)/i', $pureHTML, $matches, PREG_SET_ORDER); foreach($matches as $match) { $pureHTML = str_replace($match[0], "<a " . $match[2] . ">", $pureHTML); } $pureHTML = preg_replace('/(&lt;\/\s*a\s*&gt;)/i', '</a>', $pureHTML);

In regulars I do not rummage, how to correct? and is this feature safe?

Sergey SHevchenko Sergey SHevchenko 29 eight · Answer 1 · 2016-11-04T15:43:44

try this

 /\/(\w+|\d+|\.)/ig

Here check RegExrv2.1

Allow links in htmlspecialchars

1 answer 1

More articles: