Eine auf WordPress spezialiserte Suchmaschine für Entwickler und Theme-Autoren



wp_kses_split2 ›

Seit1.0.0
Veraltetn/v
wp_kses_split2 ( $string, $allowed_html, $allowed_protocols )
Zugriff:
  • private
Parameter: (3)
  • (string) $string Content to filter
    Erforderlich: Ja
  • (array) $allowed_html Allowed HTML elements
    Erforderlich: Ja
  • (array) $allowed_protocols Allowed protocols to keep
    Erforderlich: Ja
Gibt zurück:
  • (string) Fixed HTML element
Definiert in:
Codex:

Callback for wp_kses_split for fixing malformed HTML tags.

This function does a lot of work. It rejects some very malformed things like <:::>. It returns an empty string, if the element isn't allowed (look ma, no strip_tags()!). Otherwise it splits the tag into an element and an attribute list.

After the tag is split into an element and an attribute list, it is run through another filter which will remove illegal attributes and once that is completed, will be returned.



Quellcode

function wp_kses_split2($string, $allowed_html, $allowed_protocols) {
	$string = wp_kses_stripslashes($string);

	if (substr($string, 0, 1) != '<')
		return '&gt;';
	// It matched a ">" character

	if ( '<!--' == substr( $string, 0, 4 ) ) {
		$string = str_replace( array('<!--', '-->'), '', $string );
		while ( $string != ($newstring = wp_kses($string, $allowed_html, $allowed_protocols)) )
			$string = $newstring;
		if ( $string == '' )
			return '';
		// prevent multiple dashes in comments
		$string = preg_replace('/--+/', '-', $string);
		// prevent three dashes closing a comment
		$string = preg_replace('/-$/', '', $string);
		return "<!--{$string}-->";
	}
	// Allow HTML comments

	if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9-]+)([^>]*)>?$%', $string, $matches))
		return '';
	// It's seriously malformed

	$slash = trim($matches[1]);
	$elem = $matches[2];
	$attrlist = $matches[3];

	if ( ! is_array( $allowed_html ) )
		$allowed_html = wp_kses_allowed_html( $allowed_html );

	if ( ! isset($allowed_html[strtolower($elem)]) )
		return '';
	// They are using a not allowed HTML element

	if ($slash != '')
		return "</$elem>";
	// No attributes are allowed for closing elements

	return wp_kses_attr( $elem, $attrlist, $allowed_html, $allowed_protocols );
}