Automattic\WooCommerce\EmailEditor\Integrations\Utils
Html_Processing_Helper::sanitize_color
Sanitize color value to ensure it's a valid color format.
Supports hex colors, rgb/rgba, hsl/hsla, named colors, and CSS variables.
Метод класса: Html_Processing_Helper{}
Хуков нет.
Возвращает
Строку. Sanitized color value or safe default if invalid.
Использование
$result = Html_Processing_Helper::sanitize_color( $color ): string;
- $color(строка) (обязательный)
- The color value to sanitize.
Код Html_Processing_Helper::sanitize_color() Html Processing Helper::sanitize color WC 10.4.3
public static function sanitize_color( string $color ): string {
// Remove any whitespace.
$color = trim( $color );
// Check if it's a valid hex color (#fff, #ffffff, #ffffffff).
if ( preg_match( '/^#([0-9a-fA-F]{3}|[0-9a-fA-F]{6}|[0-9a-fA-F]{8})$/', $color ) ) {
return strtolower( $color );
}
// Check for rgb/rgba colors.
if ( preg_match( '/^rgba?\(\s*(25[0-5]|2[0-4]\d|1\d{2}|\d{1,2})\s*,\s*(25[0-5]|2[0-4]\d|1\d{2}|\d{1,2})\s*,\s*(25[0-5]|2[0-4]\d|1\d{2}|\d{1,2})\s*(?:,\s*(?:1(?:\.0+)?|0(?:\.\d+)?|\.\d+)\s*)?\)$/', $color ) ) {
return $color;
}
// Check for hsl/hsla colors.
if ( preg_match( '/^hsla?\(\s*(360|3[0-5]\d|[12]\d{2}|\d{1,2})\s*,\s*(100|[1-9]?\d)%\s*,\s*(100|[1-9]?\d)%\s*(?:,\s*(?:1(?:\.0+)?|0(?:\.\d+)?|\.\d+)\s*)?\)$/', $color ) ) {
return $color;
}
// Check for named colors and other valid CSS color values.
// We use a permissive approach: accept any string that doesn't contain dangerous characters
// and let the CSS engine handle the actual validation.
if ( preg_match( '/^[a-zA-Z][a-zA-Z0-9-]*$/', $color ) && ! preg_match( '/^(expression|javascript|vbscript|data|import|behavior|binding|filter|progid)/i', $color ) ) {
return strtolower( $color );
}
// Check if it's a CSS variable (var(--variable-name)).
if ( preg_match( '/^var\(--[a-zA-Z0-9\-_]+\)$/', $color ) ) {
return $color;
}
// If not a valid color format, return a safe default.
return '#000000';
}