$val ) {
            // NOTE(review): the loop header and the method signature sit above this
            // excerpt; the recursion only has an effect if $arr is taken by reference,
            // so confirm that against the full definition.
            if ( is_array( $val ) ) {
                // Nested array: descend into the element stored in $arr itself.
                self::RecurseFilterArray( $arr[$key] );
            } else {
                // Leaf value: overwrite it in place with its sanitized form.
                $arr[$key] = self::sanitize( $val );
            }
        }

        return true;
    }

    /**
     * Strip a fixed set of substrings from a value, then HTML-encode what remains.
     *
     * str_ireplace() removes 'javascript:', 'src=' and 'www.example.com'
     * case-insensitively; htmlspecialchars() then encodes the result with
     * ENT_QUOTES (both quote styles) as UTF-8.
     *
     * Security notes:
     *  - The protection comes from the encoding step. The substring removal is a
     *    deny-list applied in a single pass: the text left after a removal is not
     *    re-checked, so it must not be relied on as a filter of its own.
     *  - The result is escaped for HTML text and quoted attribute values only. It
     *    is not escaping for SQL, JavaScript, CSS or URL contexts; escape again for
     *    the context where the value is finally written.
     *  - The removal also alters legitimate data: any value containing one of the
     *    three substrings is changed silently.
     *  - Neither ENT_SUBSTITUTE nor ENT_IGNORE is set, so htmlspecialchars() returns
     *    an empty string for input containing an invalid UTF-8 sequence. Together
     *    with the @ operator this means such a value becomes '' with no diagnostic.
     *
     * @param mixed $val Value to sanitize. The visible caller passes non-array
     *                   elements only; NOTE(review): verify what other callers pass.
     * @return string The stripped and HTML-encoded value ('' on invalid UTF-8).
     */
    static function sanitize( $val ) {
        return @htmlspecialchars( str_ireplace( [ 'javascript:', 'src=', 'www.example.com' ], '', $val ), ENT_QUOTES, 'UTF-8' ); // Suppress warnings due to invalid multibyte sequences
    }

    /**
     * Decode HTML entities in a value, for fields where HTML is allowed.
     *
     * The return value is raw markup. This method performs no filtering at all, so
     * the caller must run the result through an allow-list HTML purifier before it
     * is rendered or stored for rendering; skipping that step reintroduces the
     * markup that sanitize() encoded.
     *
     * This is not an exact inverse of sanitize():
     *  - substrings removed by sanitize() are not restored;
     *  - html_entity_decode() decodes every named HTML 4.01 entity, not only the
     *    characters htmlspecialchars() encodes, so entities the user typed
     *    literally are decoded as well;
     *  - ENT_COMPAT leaves single-quote entities encoded, whereas sanitize()
     *    encodes single quotes via ENT_QUOTES.
     *
     * @param mixed $val Previously encoded value. NOTE(review): presumably always
     *                   the output of sanitize(); confirm against callers.
     * @return string The entity-decoded, unpurified string.
     */
    static function reverseSanitize( $val ) {
        // Earlier variant, left disabled by the author:
        //return htmlspecialchars_decode( $val );
        return html_entity_decode( $val, ENT_COMPAT | ENT_HTML401, 'UTF-8' );
    }
}
?>