private function remove_disallowed_javascript($str)
{
do {
$original = $str;
if (preg_match('/<a/i', $str)) {
$str = preg_replace_callback('#<a[^a-z0-9>]+([^>]*?)(?:>|$)#i', array($this, '_js_link_removal'), $str);
}
if (preg_match('/<img/i', $str)) {
$str = preg_replace_callback('#<img[^a-z0-9]+([^>]*?)(?:\\s?/?>|$)#i', array($this, '_js_img_removal'), $str);
}
if (preg_match('/script|xss/i', $str)) {
$str = preg_replace('#</*(?:script|xss).*?>#si', $this->_replacement, $str);
}
} while ($original !== $str);
return (string) $str;
}