1. <?php
  3. /**
  4. * HTML Validator for Local Utility (Memory-Optimized)
  5. *
  6. * This script validates HTML files, focusing on common errors.
  7. * Designed for low memory usage, suitable for local use.
  8. */
  10. /**
  11. * Function to validate an HTML file.
  12. *
  13. * @param string $filename The path to the HTML file.
  14. * @return array An array of error messages. Empty array if no errors.
  15. */
  16. function validateHTML(string $filename): array
  17. {
  18. $errors = [];
  20. if (!file_exists($filename)) {
  21. $errors[] = "File not found: " . $filename;
  22. return $errors;
  23. }
  25. $html = file_get_contents($filename);
  27. if ($html === false) {
  28. $errors[] = "Error reading file: " . $filename;
  29. return $errors;
  30. }
  32. // Basic HTML structure check
  33. if (!preg_match('/^<!DOCTYPE html>/i', $html)) {
  34. $errors[] = "Missing or incorrect doctype declaration.";
  35. }
  37. // Check for basic tag syntax/closing
  38. if (strpos($html, '</html>') === false) {
  39. $errors[] = "Missing closing </html> tag.";
  40. }
  42. // Check for common errors (can be expanded)
  43. if (strpos($html, 'javascript:') !== false) {
  44. $errors[] = "Inline JavaScript detected. Consider external files.";
  45. }
  47. if (strpos($html, 'eval(') !== false) {
  48. $errors[] = "eval() detected. Security risk. Remove or reconsider.";
  49. }
  51. // More sophisticated validation (using regex - can be slow for large files)
  52. if (preg_match('/<script[^>]*type="text\/javascript"[^>]*>/i', $html)) {
  53. $errors[] = "Script tag with type='text/javascript' detected. Consider using a more modern approach.";
  54. }
  56. //Check for invalid attributes
  57. if (preg_match('/(\s+href=["\']?)\s*#([\s\S]*?)\s*(["\'])/i', $html)) {
  58. $errors[] = "Invalid anchor link usage detected.";
  59. }
  61. //check for potential XSS vulnerabilities
  62. if (preg_match('/<img src=[\'"](.*?)[\'">/i', $html)) {
  63. $errors[] = "Potential XSS vulnerability: Image source not properly sanitized.";
  64. }
  66. return $errors;
  67. }
  71. // Example usage:
  72. if (isset($_GET['file'])) {
  73. $filename = $_GET['file'];
  74. $errors = validateHTML($filename);
  76. if (!empty($errors)) {
  77. echo "<h2>HTML Validation Errors for " . htmlspecialchars($filename) . ":</h2>";
  78. echo "<ul>";
  79. foreach ($errors as $error) {
  80. echo "<li>" . htmlspecialchars($error) . "</li>";
  81. }
  82. echo "</ul>";
  83. } else {
  84. echo "<h2>HTML Validation for " . htmlspecialchars($filename) . " successful!</h2>";
  85. }
  86. } else {
  87. echo "Usage: ?file=path/to/your/html/file.html";
  88. }
  90. ?>

Add your comment