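// NOTE(review): this excerpt begins mid-statement; the PHP open tag, the HTML
// Purifier include and the creation of $config are not shown. The first call is
// assumed to be made on $config, like the HTML.Doctype call that follows it.
$config->set('Core.Encoding', 'utf-8'); // replace with your encoding
$config->set('HTML.Doctype', 'XHTML 1.0 Strict'); // replace with your doctype
$purifier = new HTMLPurifier($config);

// get_magic_quotes_gpc() was removed in PHP 8.0 (and has always returned false
// since PHP 5.4), so only call it where it still exists.
$magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

if (!function_exists('purify_request_array')) {
    /**
     * Run every key and every value of a request array through HTML Purifier.
     *
     * Entries whose key is altered by purification are dropped, as a changed
     * key means the key itself carried markup. Nested arrays are processed
     * recursively, so values at any depth are purified. The earlier version
     * skipped nested $_POST values entirely (its inner test checked the outer
     * $value, which is always an array at that point) and did not check nested
     * $_GET keys or guard against arrays below the second level.
     *
     * Recursion depth is bounded by PHP's max_input_nesting_level setting.
     *
     * @param array        $input        Request data such as $_GET or $_POST.
     * @param HTMLPurifier $purifier     Configured purifier instance.
     * @param bool         $magic_quotes Whether magic quotes escaped the input.
     *
     * @return array The purified copy of $input, original key order preserved.
     */
    function purify_request_array(array $input, $purifier, $magic_quotes)
    {
        $clean = array();

        foreach ($input as $key => $value) {
            // Compare as strings with === so integer keys and numeric-looking
            // strings cannot pass through PHP's loose-comparison rules.
            $key_text = (string) $key;
            if ($purifier->purify($key_text) !== $key_text) {
                continue;
            }

            if (is_array($value)) {
                $clean[$key] = purify_request_array($value, $purifier, $magic_quotes);
                continue;
            }

            // Purify the unescaped text, then restore the escaping that code
            // relying on magic quotes expects to find.
            if ($magic_quotes) {
                $value = stripslashes($value);
            }
            $value = $purifier->purify($value);
            if ($magic_quotes) {
                $value = addslashes($value);
            }

            $clean[$key] = $value;
        }

        return $clean;
    }
}

// Only $_GET and $_POST are rewritten. $_REQUEST and $_COOKIE are separate
// arrays and keep their original, unpurified contents.
// HTML purification removes markup only; values still need parameterised
// queries and context-specific output escaping where they are used.
$_GET = purify_request_array($_GET, $purifier, $magic_quotes);
$_POST = purify_request_array($_POST, $purifier, $magic_quotes);
?>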