try:
<script>
var s="你好,[color=#FF0000]老同学,好久不见! [/color]"
var re=/\[color=([^\]]*)\]/
while(re.test(s))s=s.replace(re,"<font color=$1>")
s=s.replace(/\[\/color\]/g,"</font>")
//<font color=#000066>你好,<font color=FF0000>老同学</font>,好久不见! </font>
alert(s)
</script>
<script>
var s="你好,[color=#FF0000]老同学,好久不见! [/color]"
var re=/\[color=([^\]]*)\]/
while(re.test(s))s=s.replace(re,"<font color=$1>")
s=s.replace(/\[\/color\]/g,"</font>")
//<font color=#000066>你好,<font color=FF0000>老同学</font>,好久不见! </font>
alert(s)
</script>
echo getSafeString($myString);
FUNCTION getSafeString($post){ $allow=array('pic'=>1,'flash'=>1,'fontsize'=>1);
//$post=preg_replace("/^[\s]*/","",$post);
$post = str_replace(""," ",$post);
$post=preg_replace("/\r\n[\s ]*\r\n/","\r\n",$post);
$post = $this->parseUul($post);
$post=htmlspecialchars($post);
$post=trim($post);
$post = str_replace("\r","<br><br>",$post);
$post = str_replace("\n","",$post);
//$post = str_replace(" ","",$post);
//$post =str_replace("[[","{{",$post);
//$post =str_replace("]]","}}",$post);
//$post =str_replace("<br>"," <br>",$post);
$post =str_replace("","<u>",$post);
$post =str_replace("","</u>",$post);
$post =str_replace("","<b>",$post);
$post =str_replace("","</b>",$post);
$post =str_replace("","<i>",$post);
$post =str_replace("","</i>",$post);
$post =str_replace("[br]","<br>",$post);
$post =str_replace("[list]","<ul>",$post);
$post =str_replace("[/list]","</ul>",$post);
$post =str_replace("[olist]","<ol>",$post);
$post =str_replace("[/olist]","</ol>",$post);
$post =str_replace("[*]","<li>",$post);
//$post =str_replace("{{", "[", $post);
//$post =str_replace("}}", "]", $post);
$post =str_replace("[hr]","<hr width=40% align=left>",$post);
$post =str_replace("[sup]","<sup>",$post);
$post =str_replace("[/sup]","</sup>",$post);
$post =str_replace('[url="','[url="',$post);
$post =str_replace('"]','"]',$post);
$post = eregi_replace("\\[size=([^\\[]*)\\]([^\\[]*)\\[/size\\]","<font size=\"\\1\">\\2</font>",$post);
$pattern = array(
"/\[font=([^\[]*)\](.+?)\[\/font\]/is",
"/\[color=([#0-9a-z]{1,10})\](.+?)\[\/color\]/is",
"/\[email=([^\[]*)\](.+?)\[\/email\]/is",
// "/\[email=\"([^\[]*)\"\](.+?)\[\/email\]/is",
"/\[email\]([^\[]*)\[\/email\]/is",
"/\[url=([^\[]*)\](.+?)\[\/url\]/is",
"/\[url\]www\.([^\[]*)\[\/url\]/is",
//Added Otherdown Label By LGF On 2002-1-25
"/\[otherdown\]([^\[]*)\[\/otherdown\]/is",
"/\[url\]([^\[]*)\[\/url\]/is",
"/\[quote\]\s*(.*?)\s*\[\/quote\]/is",
"/(\[fly\])(.+?)(\[\/fly\])/is",
"/(\[move\])(.+?)(\[\/move\])/is",
"/(\[align=)(left|center|right)(\])(.+?)(\[\/align\])/is",
"/(\[shadow=)(\S+?)(\,)(.+?)(\,)(.+?)(\])(.+?)(\[\/shadow\])/is",
"/(\[glow=)(\S+?)(\,)(.+?)(\,)(.+?)(\])(.+?)(\[\/glow\])/is",
"/\[code\](.+?)\[\/code\]/is"
); $replacement = array(
"<font face=\"\\1\">\\2</font>",
"<font color=\"\\1\">\\2</font>",
"<a href=\"mailto:\\1\">\\2</a>",
"<a href=\"mailto:\\1\">\\1</a>",
"<a href=\"\\1\" target=_blank>\\2</a>",
"<a href=\"http://www.\\1\" target=_blank>\\1</a>",
"<a href=\"\\1\" target=_blank >\\1</a>",
//Added Otherdown Label By LGF On 2002-1-25 "<a href=\"\\1\" target=_blank >\\1</a>",
"<table cellpadding=0 cellspacing=0 border=0 WIDTH=94% bgcolor=#000000 align=center><tr><td><table width=100% cellpadding=5 cellspacing=1 border=0><TR><TD BGCOLOR=#EFF3F9>\\1</table></table>",
"<marquee width=90% behavior=alternate scrollamount=3>\\2</marquee>",
"<MARQUEE scrollamount=3>\\2</MARQUEE>",
"<DIV Align=\\2>\\4</DIV>",
"<table width=\\2 style=\"filter:shadow(color=\\4, direction=\\6 ,strength=2)\">\\8</table>",
"<table width=\\2 style=\"filter:glow(color=\\4, strength=\\6)\">\\8</table>",
"<table border=0 width=95% align=center cellpadding=2 bgcolor=DDDDDF><tr><td><font face='Courier New,宋体'>\\1</font></td></tr></table>",
);
$post=preg_replace($pattern,$replacement,$post);
$post = preg_replace("/\[iframe\]\s*(\S+?)\s*\[\/iframe\]/is","<IFRAME SRC=\\1 FRAMEBORDER=0 ALLOWTRANSPARENCY=true SCROLLING=YES WIDTH=97% HEIGHT=340></IFRAME>",$post); if ($allow['pic']) {
$post = preg_replace("/\[img\]\s*(\S+?)\s*\[\/img\]/is","<img src=\\1 border=0>",$post);
//$post = preg_replace("/\[img=([0-9]{1,3})\,([0-9]{1,3})\](.+?)\[\/img\]/is","<img src=\\3 height=\\1 width=2 border=0>",$post);
}
if ($allow['flash']) {
$post = preg_replace("/(\[swf\])\s*(\S+?\.swf)\s*(\[\/swf\])/is","<PARAM NAME=PLAY VALUE=TRUE><PARAM NAME=LOOP VALUE=TRUE><PARAM NAME=QUALITY VALUE=HIGH><embed src=\"\\2\" quality=high pluginspage=\"http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash\" type=\"application/x-shockwave-flash\"></embed>",$post);
$post = preg_replace("/(\[FLASH=)(\S+?)(\,)(\S+?)(\])(\S+?)(\[\/FLASH\])/is","<OBJECT CLASSID=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\" WIDTH=\\2 HEIGHT=\\4><PARAM NAME=MOVIE VALUE=\\6><PARAM NAME=PLAY VALUE=TRUE><PARAM NAME=LOOP VALUE=TRUE><PARAM NAME=QUALITY VALUE=HIGH><EMBED SRC=\\6 WIDTH=\\2 HEIGHT=\\4 PLAY=TRUE LOOP=TRUE QUALITY=HIGH></EMBED></OBJECT>",$post);
}
$post = str_replace("[ ]{2,}"," ",$post);
$post =' '.$post;
$post = str_replace("<br><br>","<br><br> ",$post);
$post = str_replace(" "," ",$post);
$post = str_replace(" "," ",$post);
$post = str_replace(" "," ",$post);
RETURN ($post);
}
$post="你好,[color=#FF0000]老同学,好久不见!";$post = str_replace("[color","<font color",$post);
$post = str_replace("[/color]","</color>",$post);
有一个]没有替换最后还要加一句
$post = str_replace("]",">",$post);