wp_kses_attr( string $element, string $attr, array $allowed_html, string[] $allowed_protocols )
如果此元素不允许任何属性,则移除所有属性。
Removes all attributes, if none are allowed for this element.
目录锚点:#说明#参数#源码
如果允许某些代码,则调用wp_kses_hair()进一步拆分它们,然后根据kses_hair()返回的数据构建新的HTML代码。如果还有<和>的字符,也会删除。它要做的另一件事是检查标记是否有结束的XHTML斜杠,如果有,它也会在返回的代码中放入一个。
参数 | 类型 | 说明 |
$element |
(string) |
HTML元素/标记。 |
$attr |
(string) |
从HTML元素到结束HTML元素标记的HTML属性。 |
$allowed_html |
(array) |
允许的HTML元素。 |
$allowed_protocols |
(string[]) |
允许的URL协议数组。 |
/**
* Removes all attributes, if none are allowed for this element.
*
* If some are allowed it calls wp_kses_hair() to split them further, and then
* it builds up new HTML code from the data that kses_hair() returns. It also
* removes "<" and="" "="">" characters, if there are any left. One more thing it does
* is to check if the tag has a closing XHTML slash, and if it does, it puts one
* in the returned code as well.
*
* @since 1.0.0
*
* @param string $element HTML element/tag
* @param string $attr HTML attributes from HTML element to closing HTML element tag
* @param array $allowed_html Allowed HTML elements
* @param array $allowed_protocols Allowed protocols to keep
* @return string Sanitized HTML element
*/
function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) {
if ( ! is_array( $allowed_html ) )
$allowed_html = wp_kses_allowed_html( $allowed_html );
// Is there a closing XHTML slash at the end of the attributes?
$xhtml_slash = '';
if (preg_match('%s*/s*$%', $attr))
$xhtml_slash = ' /';
// Are any attributes allowed at all for this element?
if ( ! isset($allowed_html[strtolower($element)]) || count($allowed_html[strtolower($element)]) == 0 )
return "<$element$xhtml_slash>";
// Split it
$attrarr = wp_kses_hair($attr, $allowed_protocols);
// Go through $attrarr, and save the allowed attributes for this element
// in $attr2
$attr2 = '';
foreach ( $attrarr as $arreach ) {
if ( wp_kses_attr_check( $arreach['name'], $arreach['value'], $arreach['whole'], $arreach['vless'], $element, $allowed_html ) ) {
$attr2 .= ' '.$arreach['whole'];
}
}
// Remove any "<" or="" "="">" characters
$attr2 = preg_replace('/[<>]/', '', $attr2);
return "<$element$attr2$xhtml_slash>";
}
更新版本 |
源码位置 |
使用 |
被使用 |
1.0.0 |
wp-includes/kses.php |
10 |
7 |
absint( mixed $maybeint )将值转换为非负整数,也就是取绝对值。Convert a value to non-negative integer.目录锚点:#参数#返回#源码#笔记参数(Parameters)参数类型必填说明$maybeint(mixed)必需要转换为非负整数的数据。返回(Return)(int)非负整数。源码(Source)function absint( $maybeint ) { return abs( intval( $maybeint ) );}/** *...
日期:2020-06-23 10:35:32
浏览:1232
activate_plugin( string $plugin, string $redirect = '', bool $network_wide = false, bool $silent = false )尝试激活插件,并在成功时重定向。Attempts activation of plugin in a “sandbox” and redirects on success.目录锚点:#说明#参数#返回#源码#笔记说明(Description)已激活的插件将不会再次尝试激活。其工作方式是在尝试包含插件...
日期:2020-06-23 10:39:26
浏览:981
activate_plugins( string|string[] $plugins, string $redirect = '', bool $network_wide = false, bool $silent = false )激活多个插件。Activate multiple plugins.目录锚点:#说明#参数#返回#源码说明(Description)当WP_Error返回时,并不意...
日期:2020-09-08 17:28:27
浏览:1038
activate_sitewide_plugin()不推荐用于激活仅网络插件的功能。Deprecated functionality for activating a network-only plugin.目录锚点:#说明#返回#源码说明(Description)另见激活插件()返回(Return)无返回值源码(Source)更新版本源码位置使用被使用3.0.0 wp-admin/includes/ms-deprecated.php:5701 function...
日期:2020-09-08 17:28:28
浏览:1736
addslashes_gpc( string $gpc )添加斜线以转义字符串。Adds slashes to escape strings.目录锚点:#说明#参数#返回#源码说明(Description)如果设置了magic_quotes_gpc,将首先删除斜线,请参见https://www.php.net/magic_quotes更多细节。参数(Parameters)参数类型必填说明 $gpc (string) ...
日期:2020-09-21 12:46:52
浏览:889
addslashes_strings_only( mixed $value )仅当提供的值是字符串时才添加斜杠。Adds slashes only if the provided value is a string.目录锚点:#参数#返回#源码参数(Parameters)参数类型必填说明 $value (mixed) 必需 返回(Return)(mixe...
日期:2020-09-24 15:58:41
浏览:1269
add_action( string $tag, callable $function_to_add, int $priority = 10, int $accepted_args = 1 )将函数挂接到特定操作上。Hooks a function on to a specific action.目录锚点:#说明#参数#返回#源码#笔记说明(Description)Actions是WordPress核心在执行期间...
日期:2020-09-08 17:28:28
浏览:1128
add_blog_option( int $id, string $option, mixed $value )为给定的博客id添加新选项。Add a new option for a given blog id.目录锚点:#说明#参数#返回#源码#笔记说明(Description)不需要序列化值。如果需要序列化该值,则在将其插入数据库之前将对其进行序列化。请记住,资源不能序列化或作为选项添加。可以创建不带值的选项,然后稍后更新这些值。现有选项将不会更新,并执行检...
日期:2020-08-26 10:53:23
浏览:944
add_clean_index( string $table, string $index )向指定表添加索引。Adds an index to a specified table.目录锚点:#参数#返回#源码#笔记参数(Parameters)参数类型必填说明 $table (string) 必需 数据库表名。 ...
日期:2020-09-08 17:28:29
浏览:945
add_comments_page( string $page_title, string $menu_title, string $capability, string $menu_slug, callable $function = '', int $position = null )将子菜单页添加到“注释”主菜单。Add submenu page to the Comments ma...
日期:2020-08-24 11:14:39
浏览:992