function check_url($href, $name){
	
	$href = preg_replace("/javascript:/i", "javascript-aef: ", $href);
	
	return '<a href="'.$href.'" target="_blank">'.$name.'</a>';

}

javascript:alert('Grey') => HTML (with semicolons): => javascript:alert('Grey')

[url*=javascript:alert('Grey')]нажми на меня[/url*]