1. 首页
  2. WordPress 函数手册

wp_kses_split2()

wp_kses_split2( string $string, array $allowed_html, array $allowed_protocols )

用于修复格式错误的HTML标记的wp_kses_split回调。
Callback for wp_kses_split for fixing malformed HTML tags.

目录锚点:#说明#参数#源码


说明(Description)

这个函数做了很多工作。它拒绝一些非常畸形的东西,比如<:::>。如果不允许元素,则返回空字符串(look ma,no strip_tags()!)。否则,它将标记拆分为元素和属性列表。在将标记拆分为元素和属性列表后,它将通过另一个过滤器运行,该过滤器将删除非法属性,完成后将返回。


参数(Parameters)

参数 类型 说明
$string (string) 要筛选的内容
$allowed_html (array) 允许的HTML元素
$allowed_protocols (array) 允许的协议

源码(Source)

/**
 * Callback for wp_kses_split for fixing malformed HTML tags.
 *
 * This function does a lot of work. It rejects some very malformed things like
 * <:::>. It returns an empty string, if the element isn't allowed (look ma, no
 * strip_tags()!). Otherwise it splits the tag into an element and an attribute
 * list.
 *
 * After the tag is split into an element and an attribute list, it is run
 * through another filter which will remove illegal attributes and once that is
 * completed, will be returned.
 *
 * @access private
 * @since 1.0.0
 *
 * @param string $string            Content to filter
 * @param array  $allowed_html      Allowed HTML elements
 * @param array  $allowed_protocols Allowed protocols to keep
 * @return string Fixed HTML element
 */
function wp_kses_split2($string, $allowed_html, $allowed_protocols) {
	$string = wp_kses_stripslashes($string);

	if (substr($string, 0, 1) != '<') return="" '>';="" it="" matched="" a="" "="">" character

	if ( ''), '', $string );
		while ( $string != ($newstring = wp_kses($string, $allowed_html, $allowed_protocols)) )
			$string = $newstring;
		if ( $string == '' )
			return '';
		// prevent multiple dashes in comments
		$string = preg_replace('/--+/', '-', $string);
		// prevent three dashes closing a comment
		$string = preg_replace('/-$/', '', $string);
		return "";
	}
	// Allow HTML comments

	if (!preg_match('%^]*)>?$%', $string, $matches))
		return '';
	// It's seriously malformed

	$slash = trim($matches[1]);
	$elem = $matches[2];
	$attrlist = $matches[3];

	if ( ! is_array( $allowed_html ) )
		$allowed_html = wp_kses_allowed_html( $allowed_html );

	if ( ! isset($allowed_html[strtolower($elem)]) )
		return '';
	// They are using a not allowed HTML element

	if ($slash != '')
		return "";
	// No attributes are allowed for closing elements

	return wp_kses_attr( $elem, $attrlist, $allowed_html, $allowed_protocols );
}
更新版本 源码位置 使用 被使用
1.0.0 wp-includes/kses.php 5 13

wp_kses_split2() 为WP2原创文章,链接:https://www.wp2.cn/functions/wp_kses_split2/