_sanitize_text_fields()
Internal helper function to sanitize a string from user input or from the database.
Внутренняя функция — эта функция рассчитана на использование самим ядром. Не рекомендуется использовать эту функцию в своем коде.
Хуков нет.
Возвращает
Строку
. Sanitized string.
Использование
_sanitize_text_fields( $str, $keep_newlines );
- $str(строка) (обязательный)
- String to sanitize.
- $keep_newlines(true|false)
- Whether to keep newlines.
По умолчанию: false
Список изменений
С версии 4.7.0 | Введена. |
Код _sanitize_text_fields() sanitize text fields WP 6.6.1
function _sanitize_text_fields( $str, $keep_newlines = false ) { if ( is_object( $str ) || is_array( $str ) ) { return ''; } $str = (string) $str; $filtered = wp_check_invalid_utf8( $str ); if ( str_contains( $filtered, '<' ) ) { $filtered = wp_pre_kses_less_than( $filtered ); // This will strip extra whitespace for us. $filtered = wp_strip_all_tags( $filtered, false ); /* * Use HTML entities in a special case to make sure that * later newline stripping stages cannot lead to a functional tag. */ $filtered = str_replace( "<\n", "<\n", $filtered ); } if ( ! $keep_newlines ) { $filtered = preg_replace( '/[\r\n\t ]+/', ' ', $filtered ); } $filtered = trim( $filtered ); // Remove percent-encoded characters. $found = false; while ( preg_match( '/%[a-f0-9]{2}/i', $filtered, $match ) ) { $filtered = str_replace( $match[0], '', $filtered ); $found = true; } if ( $found ) { // Strip out the whitespace that may now exist after removing percent-encoded characters. $filtered = trim( preg_replace( '/ +/', ' ', $filtered ) ); } return $filtered; }