wpseek.com
Eine auf WordPress spezialiserte Suchmaschine für Entwickler und Theme-Autoren

_sanitize_text_fields is private and should not be used in themes or plugins directly.

_sanitize_text_fields › WordPress Function

Seit4.7.0

Veraltetn/v

› _sanitize_text_fields ( $str, $keep_newlines = false )

Zugriff:	private
Parameter: (2)	(string) $str String to sanitize. Erforderlich: Ja (bool) $keep_newlines Optional. Whether to keep newlines. Default: false. Erforderlich: Nein Standard: false
Gibt zurück:	(string) Sanitized string.
Definiert in:	wp-includes/formatting.php , Zeile 5638
Codex:	developer.wordpress.org / _sanitize_text_fields

Internal helper function to sanitize a string from user input or from the database.

Quellcode

function _sanitize_text_fields( $str, $keep_newlines = false ) {
	if ( is_object( $str ) || is_array( $str ) ) {
		return '';
	}

	$str = (string) $str;

	$filtered = wp_check_invalid_utf8( $str );

	if ( str_contains( $filtered, '<' ) ) {
		$filtered = wp_pre_kses_less_than( $filtered );
		// This will strip extra whitespace for us.
		$filtered = wp_strip_all_tags( $filtered, false );

		/*
		 * Use HTML entities in a special case to make sure that
		 * later newline stripping stages cannot lead to a functional tag.
		 */
		$filtered = str_replace( "<\n", "&lt;\n", $filtered );
	}

	if ( ! $keep_newlines ) {
		$filtered = preg_replace( '/[\r\n\t ]+/', ' ', $filtered );
	}
	$filtered = trim( $filtered );

	// Remove percent-encoded characters.
	$found = false;
	while ( preg_match( '/%[a-f0-9]{2}/i', $filtered, $match ) ) {
		$filtered = str_replace( $match[0], '', $filtered );
		$found    = true;
	}

	if ( $found ) {
		// Strip out the whitespace that may now exist after removing percent-encoded characters.
		$filtered = trim( preg_replace( '/ +/', ' ', $filtered ) );
	}

	return $filtered;
}