<?php /** * @param string $str the string to encode and parse for URLs */ function preventXssAndParseAnchors(string $str): string { $url_regex = "/\b((https?:\/\/?|www\.)[^\s()<>]+(?:\([\w\d]+\)|([^[:punct:]\s]|\/)))/"; // Encoding HTML special characters To prevent XSS // Before parsing the URLs to Anchors $str = htmlspecialchars($str, ENT_QUOTES, 'UTF-8'); preg_match_all($url_regex, $str, $urls); foreach ($urls[0] as $url) { $str = str_replace($url, "<a href='$url'>$url</a>", $str); } return $str; } $str = " apply here https://ph.dbsd.com/job/dfvdfg/5444 <script> console.log('this is a hacking attempt hacking'); </script> and www.google.com also http://somesite.net "; echo preventXssAndParseAnchors($str);
You have javascript disabled. You will not be able to edit any code.