sanitize_option( string $option, string $value )
根据选项的性质清除各种选项值。
Sanitises various option values based on the nature of the option.
说明(Description)
这基本上是一个switch语句,它将根据$option通过许多函数传递$value。
参数(Parameters)
| 参数 | 类型 | 必填 | 说明 |
|---|---|---|---|
| $option | (string) | 必需 | 选项的名称。 |
| $value | (string) | 必需 | 未定义的值。 |
返回(Return)
(string)净化值。源码(Source)
/**
* Sanitises various option values based on the nature of the option.
*
* This is basically a switch statement which will pass $value through a number
* of functions depending on the $option.
*
* @since 2.0.5
*
* @global wpdb $wpdb
*
* @param string $option The name of the option.
* @param string $value The unsanitised value.
* @return string Sanitized value.
*/
function sanitize_option( $option, $value ) {
global $wpdb;
$original_value = $value;
$error = '';
switch ( $option ) {
case 'admin_email' :
case 'new_admin_email' :
$value = $wpdb->strip_invalid_text_for_column( $wpdb->options, 'option_value', $value );
if ( is_wp_error( $value ) ) {
$error = $value->get_error_message();
} else {
$value = sanitize_email( $value );
if ( ! is_email( $value ) ) {
$error = __( 'The email address entered did not appear to be a valid email address. Please enter a valid email address.' );
}
}
break;
case 'thumbnail_size_w':
case 'thumbnail_size_h':
case 'medium_size_w':
case 'medium_size_h':
case 'large_size_w':
case 'large_size_h':
case 'mailserver_port':
case 'comment_max_links':
case 'page_on_front':
case 'page_for_posts':
case 'rss_excerpt_length':
case 'default_category':
case 'default_email_category':
case 'default_link_category':
case 'close_comments_days_old':
case 'comments_per_page':
case 'thread_comments_depth':
case 'users_can_register':
case 'start_of_week':
case 'site_icon':
$value = absint( $value );
break;
case 'posts_per_page':
case 'posts_per_rss':
$value = (int) $value;
if ( empty($value) )
$value = 1;
if ( $value < -1="" )="" $value="abs($value);" break;="" case="" 'default_ping_status':="" case="" 'default_comment_status':="" options="" that="" if="" not="" there="" have="" 0="" value="" but="" need="" to="" be="" something="" like="" "closed"="" if="" (="" $value="=" '0'="" ||="" $value="=" '')="" $value='closed' ;="" break;="" case="" 'blogdescription':="" case="" 'blogname':="" $value="$wpdb-">strip_invalid_text_for_column( $wpdb->options, 'option_value', $value );
if ( is_wp_error( $value ) ) {
$error = $value->get_error_message();
} else {
$value = wp_kses_post( $value );
$value = esc_html( $value );
}
break;
case 'blog_charset':
$value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value); // strips slashes
break;
case 'blog_public':
// This is the value if the settings checkbox is not checked on POST. Don't rely on this.
if ( null === $value )
$value = 1;
else
$value = intval( $value );
break;
case 'date_format':
case 'time_format':
case 'mailserver_url':
case 'mailserver_login':
case 'mailserver_pass':
case 'upload_path':
$value = $wpdb->strip_invalid_text_for_column( $wpdb->options, 'option_value', $value );
if ( is_wp_error( $value ) ) {
$error = $value->get_error_message();
} else {
$value = strip_tags( $value );
$value = wp_kses_data( $value );
}
break;
case 'ping_sites':
$value = explode( "
", $value );
$value = array_filter( array_map( 'trim', $value ) );
$value = array_filter( array_map( 'esc_url_raw', $value ) );
$value = implode( "
", $value );
break;
case 'gmt_offset':
$value = preg_replace('/[^0-9:.-]/', '', $value); // strips slashes
break;
case 'siteurl':
$value = $wpdb->strip_invalid_text_for_column( $wpdb->options, 'option_value', $value );
if ( is_wp_error( $value ) ) {
$error = $value->get_error_message();
} else {
if ( preg_match( '#http(s?)://(.+)#i', $value ) ) {
$value = esc_url_raw( $value );
} else {
$error = __( 'The WordPress address you entered did not appear to be a valid URL. Please enter a valid URL.' );
}
}
break;
case 'home':
$value = $wpdb->strip_invalid_text_for_column( $wpdb->options, 'option_value', $value );
if ( is_wp_error( $value ) ) {
$error = $value->get_error_message();
} else {
if ( preg_match( '#http(s?)://(.+)#i', $value ) ) {
$value = esc_url_raw( $value );
} else {
$error = __( 'The Site address you entered did not appear to be a valid URL. Please enter a valid URL.' );
}
}
break;
case 'WPLANG':
$allowed = get_available_languages();
if ( ! is_multisite() && defined( 'WPLANG' ) && '' !== WPLANG && 'en_US' !== WPLANG ) {
$allowed[] = WPLANG;
}
if ( ! in_array( $value, $allowed ) && ! empty( $value ) ) {
$value = get_option( $option );
}
break;
case 'illegal_names':
$value = $wpdb->strip_invalid_text_for_column( $wpdb->options, 'option_value', $value );
if ( is_wp_error( $value ) ) {
$error = $value->get_error_message();
} else {
if ( ! is_array( $value ) )
$value = explode( ' ', $value );
$value = array_values( array_filter( array_map( 'trim', $value ) ) );
if ( ! $value )
$value = '';
}
break;
case 'limited_email_domains':
case 'banned_email_domains':
$value = $wpdb->strip_invalid_text_for_column( $wpdb->options, 'option_value', $value );
if ( is_wp_error( $value ) ) {
$error = $value->get_error_message();
} else {
if ( ! is_array( $value ) )
$value = explode( "
", $value );
$domains = array_values( array_filter( array_map( 'trim', $value ) ) );
$value = array();
foreach ( $domains as $domain ) {
if ( ! preg_match( '/(--|..)/', $domain ) && preg_match( '|^([a-zA-Z0-9-.])+$|', $domain ) ) {
$value[] = $domain;
}
}
if ( ! $value )
$value = '';
}
break;
case 'timezone_string':
$allowed_zones = timezone_identifiers_list();
if ( ! in_array( $value, $allowed_zones ) && ! empty( $value ) ) {
$error = __( 'The timezone you have entered is not valid. Please select a valid timezone.' );
}
break;
case 'permalink_structure':
case 'category_base':
case 'tag_base':
$value = $wpdb->strip_invalid_text_for_column( $wpdb->options, 'option_value', $value );
if ( is_wp_error( $value ) ) {
$error = $value->get_error_message();
} else {
$value = esc_url_raw( $value );
$value = str_replace( 'http://', '', $value );
}
break;
case 'default_role' :
if ( ! get_role( $value ) && get_role( 'subscriber' ) )
$value = 'subscriber';
break;
case 'moderation_keys':
case 'blacklist_keys':
$value = $wpdb->strip_invalid_text_for_column( $wpdb->options, 'option_value', $value );
if ( is_wp_error( $value ) ) {
$error = $value->get_error_message();
} else {
$value = explode( "
", $value );
$value = array_filter( array_map( 'trim', $value ) );
$value = array_unique( $value );
$value = implode( "
", $value );
}
break;
}
if ( ! empty( $error ) ) {
$value = get_option( $option );
if ( function_exists( 'add_settings_error' ) ) {
add_settings_error( $option, "invalid_{$option}", $error );
}
}
/**
* Filter an option value following sanitization.
*
* @since 2.3.0
* @since 4.3.0 Added the `$original_value` parameter.
*
* @param string $value The sanitized option value.
* @param string $option The option name.
* @param string $original_value The original value passed to the function.
*/
return apply_filters( "sanitize_option_{$option}", $value, $option, $original_value );
}| 更新版本 | 源码位置 | 使用 | 被使用 |
|---|---|---|---|
| 2.0.5 | wp-includes/formatting.php:4570 | 7 | 17 |