WP_SimplePie_Sanitize_KSES::sanitize() WordPress Method
The WP_SimplePie_Sanitize_KSES::sanitize() method is a wordpress function that is used to clean up content before it is displayed on a website. This function is used to remove any unwanted or potentially dangerous code from the content, such as HTML or Javascript. This function is especially important for websites that allow users to submit content, such as forums or blogs.
WP_SimplePie_Sanitize_KSES::sanitize( mixed $data, int $type, string $base = '' ) #
WordPress SimplePie sanitization using KSES.
Description
Sanitizes the incoming data, to ensure that it matches the type of data expected, using KSES.
Parameters
- $data
(mixed)(Required)The data that needs to be sanitized.
- $type
(int)(Required)The type of data that it's supposed to be.
- $base
(string)(Optional) The
xml:basevalue to use when converting relative URLs to absolute ones.Default value: ''
Return
(mixed) Sanitized data.
Source
File: wp-includes/class-wp-simplepie-sanitize-kses.php
public function sanitize( $data, $type, $base = '' ) {
$data = trim( $data );
if ( $type & SIMPLEPIE_CONSTRUCT_MAYBE_HTML ) {
if ( preg_match( '/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\/[A-Za-z][^\x09\x0A\x0B\x0C\x0D\x20\x2F\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data ) ) {
$type |= SIMPLEPIE_CONSTRUCT_HTML;
} else {
$type |= SIMPLEPIE_CONSTRUCT_TEXT;
}
}
if ( $type & SIMPLEPIE_CONSTRUCT_BASE64 ) {
$data = base64_decode( $data );
}
if ( $type & ( SIMPLEPIE_CONSTRUCT_HTML | SIMPLEPIE_CONSTRUCT_XHTML ) ) {
$data = wp_kses_post( $data );
if ( 'UTF-8' !== $this->output_encoding ) {
$data = $this->registry->call( 'Misc', 'change_encoding', array( $data, 'UTF-8', $this->output_encoding ) );
}
return $data;
} else {
return parent::sanitize( $data, $type, $base );
}
}
Expand full source codeCollapse full source codeView on TracView on GitHub
Changelog
| Version | Description |
|---|---|
| 3.5.0 | Introduced. |