function filter_markup

6.x misc.inc filter_markup($str, $type = "basic")
4.x misc.inc filter_markup($str, $type = "basic")
5.x misc.inc filter_markup($str, $type = "basic")

Filter string with possible HTML, allowing only certain tags, and removing dangerous attributes.

$type can be:

  • "plain" - No HTML tags are allowed.
  • "basic" - Only certain tags allowed, no attributes. Safest. New lines = <br>
  • "full" - All HTML is allowed through.
16 calls to filter_markup()
advise_display_popup_change_track in modules/advise/advise.module
advise_display_popup_change_track_non_dynamic_degree in modules/advise/advise.module
This is the "change track" popup we will display if the degree cannot be combined with anything else (non-dynamic).
calendar_confirm_cancel_appointment_form_submit in modules/calendar/calendar.module
calendar_get_appointments_for_faculty in modules/calendar/calendar.module
Return back a list of appointment content nodes for this faculty member, which fall between the specified datetimes.
calendar_schedule_appointment_confirm_form_submit in modules/calendar/calendar.module
We passed validation, it's time to actually submit now!

... See full list

File

includes/misc.inc, line 977
This file contains misc functions for FlightPath

Code

function filter_markup($str, $type = "basic") {

  if (!$str) {
    return $str;
  }

  // Use the DOM functions to repair any mismatched HTML.
  $doc = new DOMDocument();
  @$doc->loadHTML(mb_convert_encoding($str, 'HTML-ENTITIES', 'UTF-8')); // ensure we are in UTF8
  $str = $doc->saveHTML($doc->documentElement); // Apparently this helps solve a glitch in Linux that isn't in Windows

  if ($type == 'plain') {
    $str = strip_tags($str);
  }

  if ($type == "basic") {

    // To reduce extra newlines, remove any newline which is at the END of an existing <br> tag.
    $str = str_ireplace("<br>\n", "<br>", $str);
    $str = str_ireplace("<br />\n", "<br>", $str);

    $allowed_tags = array('a', 'em', 'strong', 'cite',
      'blockquote', 'code', 'ul', 'ol', 'li',
      'dl', 'dt', 'dd', 'span', 'div',
      'b', 'i', 'u', 'br', 'p', 'table', 'tr',
      'td', 'th', 'tbody',);

    $str = filter_xss($str, $allowed_tags);
    $str = trim($str);

  }



  return $str;

}