WP_REST_Plugins_Controller::sanitize_plugin_param() WordPress Method

The WP_REST_Plugins_Controller::sanitize_plugin_param() method is used to sanitize a plugin parameter before it is used to load a plugin. This is done to ensure that the parameter is a valid plugin name and to avoid potential security vulnerabilities.

WP_REST_Plugins_Controller::sanitize_plugin_param( string $file ) #

Sanitizes the “plugin” parameter to be a proper plugin file with “.php” appended.

Contents

Parameters
Return
Source
Related
- Uses
Changelog

Parameters

$file: (string)(Required)The plugin file parameter.

Return

(string)

Source

File: wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php

	public function sanitize_plugin_param( $file ) {
		return plugin_basename( sanitize_text_field( $file . '.php' ) );
	}

Expand full source code Collapse full source codeView on TracView on GitHub

Uses

Uses
Uses	Description
wp-includes/formatting.php:sanitize_text_field()	Sanitizes a string from user input or from the database.
wp-includes/plugin.php:plugin_basename()	Gets the basename of a plugin.

Changelog

Changelog
Version	Description
5.5.0	Introduced.

Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by the Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.