Last active
April 16, 2024 12:18
-
-
Save afsalrahim/bc8caf497a4b54c5d75d to your computer and use it in GitHub Desktop.
A simple PHP BBCode Parser function
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * A simple PHP BBCode Parser function | |
| * | |
| * @author Afsal Rahim | |
| * @link http://digitcodes.com/create-simple-php-bbcode-parser-function/ | |
| **/ | |
| //BBCode Parser function | |
| function showBBcodes($text) { | |
| // NOTE : I had to update this sample code with below line to prevent obvious attacks as pointed out by many users. | |
| // Always ensure that user inputs are scanned and filtered properly. | |
| $text = htmlspecialchars($text, ENT_QUOTES, $charset); | |
| // BBcode array | |
| $find = array( | |
| '~\[b\](.*?)\[/b\]~s', | |
| '~\[i\](.*?)\[/i\]~s', | |
| '~\[u\](.*?)\[/u\]~s', | |
| '~\[quote\](.*?)\[/quote\]~s', | |
| '~\[size=(.*?)\](.*?)\[/size\]~s', | |
| '~\[color=(.*?)\](.*?)\[/color\]~s', | |
| '~\[url\]((?:ftp|https?)://.*?)\[/url\]~s', | |
| '~\[img\](https?://.*?\.(?:jpg|jpeg|gif|png|bmp))\[/img\]~s' | |
| ); | |
| // HTML tags to replace BBcode | |
| $replace = array( | |
| '<b>$1</b>', | |
| '<i>$1</i>', | |
| '<span style="text-decoration:underline;">$1</span>', | |
| '<pre>$1</'.'pre>', | |
| '<span style="font-size:$1px;">$2</span>', | |
| '<span style="color:$1;">$2</span>', | |
| '<a href="$1">$1</a>', | |
| '<img src="$1" alt="" />' | |
| ); | |
| // Replacing the BBcodes with corresponding HTML tags | |
| return preg_replace($find,$replace,$text); | |
| } | |
| // How to use the above function: | |
| $bbtext = "This is [b]bold[/b] and this is [u]underlined[/u] and this is in [i]italics[/i] with a [color=red] red color[/color]"; | |
| $htmltext = showBBcodes($bbtext); | |
| echo $htmltext; | |
| ?> |
I've improved a little
public static function replaceBBcodes($text)
{
$text = strip_tags($text);
// BBcode array
$find = array(
'~\[b\](.*?)\[/b\]~s',
'~\[i\](.*?)\[/i\]~s',
'~\[u\](.*?)\[/u\]~s',
'~\[quote\]([^"><]*?)\[/quote\]~s',
'~\[size=([^"><]*?)\](.*?)\[/size\]~s',
'~\[color=([^"><]*?)\](.*?)\[/color\]~s',
'~\[url\]((?:ftp|https?)://[^"><]*?)\[/url\]~s',
'~\[img\](https?://[^"><]*?\.(?:jpg|jpeg|gif|png|bmp))\[/img\]~s'
);
// HTML tags to replace BBcode
$replace = array(
'<b>$1</b>',
'<i>$1</i>',
'<span style="text-decoration:underline;">$1</span>',
'<pre>$1</'.'pre>',
'<span style="font-size:$1px;">$2</span>',
'<span style="color:$1;">$2</span>',
'<a href="$1">$1</a>',
'<img src="$1" alt="" />'
);
// Replacing the BBcodes with corresponding HTML tags
return preg_replace($find, $replace, $text);
}
if url like this [url=https://ya.ru]test[/url]
'~\[url=([^"><]*?)\](.*?)\[/url\]~s',
and
'<a href="$1">$2</a>',
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Alert XSS