public static function stripTags($varValue, $strAllowedTags = '')
{
if ($varValue === null || $varValue == '') {
return $varValue;
}
// Recursively clean arrays
if (is_array($varValue)) {
foreach ($varValue as $k => $v) {
$varValue[$k] = static::stripTags($v, $strAllowedTags);
}
return $varValue;
}
// Encode opening arrow brackets (see #3998)
$varValue = preg_replace_callback('@</?([^\\s<>/]*)@', function ($matches) use($strAllowedTags) {
if ($matches[1] == '' || strpos(strtolower($strAllowedTags), '<' . strtolower($matches[1]) . '>') === false) {
$matches[0] = str_replace('<', '<', $matches[0]);
}
return $matches[0];
}, $varValue);
// Strip the tags and restore HTML comments
$varValue = strip_tags($varValue, $strAllowedTags);
$varValue = str_replace(array('<!--', '<!['), array('<!--', '<!['), $varValue);
// Recheck for encoded null bytes
while (strpos($varValue, '\\0') !== false) {
$varValue = str_replace('\\0', '', $varValue);
}
return $varValue;
}