本文整理汇总了PHP中wp_kses_split函数的典型用法代码示例。如果您正苦于以下问题:PHP wp_kses_split函数的具体用法?PHP wp_kses_split怎么用?PHP wp_kses_split使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了wp_kses_split函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: wp_kses
/**
 * Reduce $string to the HTML elements, attributes and URL schemes the caller allows.
 *
 * The input goes through the kses pre-processing helpers in a fixed order
 * (wp_kses_no_null, wp_kses_js_entities, wp_kses_normalize_entities,
 * wp_kses_hook) and is then handed to wp_kses_split() together with the
 * allow-list returned by wp_kses_array_lc().
 *
 * The result is only as strict as $allowed_html and $allowed_protocols, so
 * pass the narrowest lists the feature needs. The output is meant for HTML
 * body content; it still needs context-specific escaping when it is placed
 * inside an attribute, a script or a style block.
 *
 * @param string $string            Untrusted markup to filter.
 * @param array  $allowed_html      Allowed elements mapped to their allowed attributes.
 * @param array  $allowed_protocols Optional. URL schemes permitted in attribute values.
 * @return string Filtered markup.
 */
function wp_kses($string, $allowed_html, $allowed_protocols = array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'feed', 'gopher', 'mailto'))
{
    // Each helper consumes the previous helper's output, so the nesting order matters.
    $filtered = wp_kses_hook(
        wp_kses_normalize_entities(
            wp_kses_js_entities(
                wp_kses_no_null($string)
            )
        )
    );

    return wp_kses_split($filtered, wp_kses_array_lc($allowed_html), $allowed_protocols);
}
开发者ID:robertlange81,项目名称:Website,代码行数:9,代码来源:kses.php
示例2: wp_kses
/**
 * Filters content and keeps only allowable HTML elements.
 *
 * Only the element names, attribute names and attribute values listed in
 * $allowed_html, plus well-formed HTML entities, are meant to survive in the
 * returned string. Remove any slashes added by PHP's magic quotes before
 * calling this function.
 *
 * The default allowed protocols are 'http', 'https', 'ftp', 'ftps', 'mailto',
 * 'news', 'irc', 'gopher', 'nntp', 'feed' and 'telnet'. 'javascript' is left
 * out on purpose and should not be allowed for untrusted users.
 *
 * @since 1.0.0
 *
 * @param string $string            Content to filter through kses
 * @param array  $allowed_html      List of allowed HTML elements
 * @param array  $allowed_protocols Optional. Allowed protocols in links.
 * @return string Filtered content with only allowed HTML elements
 */
function wp_kses($string, $allowed_html, $allowed_protocols = array('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet'))
{
    $without_nulls = wp_kses_no_null($string);
    $without_js_entities = wp_kses_js_entities($without_nulls);
    $normalized = wp_kses_normalize_entities($without_js_entities);

    $allow_list = wp_kses_array_lc($allowed_html);

    // WP changed the order of these funcs and added args to wp_kses_hook:
    // the hook now receives the allow-list and the protocols as well.
    $hooked = wp_kses_hook($normalized, $allow_list, $allowed_protocols);

    return wp_kses_split($hooked, $allow_list, $allowed_protocols);
}
开发者ID:bi0xid,项目名称:bach,代码行数:30,代码来源:functions.kses.php
示例3: wp_kses
/**
 * Filters content and keeps only allowable HTML elements.
 *
 * Only the element names, attribute names and attribute values listed in
 * $allowed_html, plus well-formed HTML entities, are meant to survive in the
 * returned string. Remove any slashes added by PHP's magic quotes before
 * calling this function.
 *
 * When $allowed_protocols is empty the global $allowedprotocols list is used
 * instead, so passing array() cannot be used to mean "allow no protocols".
 * 'javascript' should not be allowed for untrusted users.
 *
 * This variant does not call wp_kses_hook() or wp_kses_array_lc(); the
 * allow-list is passed to wp_kses_split() exactly as given.
 *
 * @since 1.0.0
 *
 * @param string $string            Content to filter through kses
 * @param array  $allowed_html      List of allowed HTML elements
 * @param array  $allowed_protocols Optional. Allowed protocols in links.
 * @return string Filtered content with only allowed HTML elements
 */
function wp_kses($string, $allowed_html, $allowed_protocols = array())
{
    global $allowedprotocols;

    // An empty list selects the site-wide default rather than an empty allow-list.
    $protocols = empty($allowed_protocols) ? $allowedprotocols : $allowed_protocols;

    $clean = wp_kses_normalize_entities(
        wp_kses_js_entities(
            wp_kses_no_null($string)
        )
    );

    return wp_kses_split($clean, $allowed_html, $protocols);
}
开发者ID:VTAMAGNO,项目名称:gpEasy-CMS,代码行数:31,代码来源:kses.php
示例4: create_sanitize_custom_css
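/**
 * Strips markup from Custom CSS entered in the theme options.
 *
 * Only HTML/PHP tags are removed, so the stored value cannot close the
 * <style> element it is printed into. The CSS itself is not parsed or
 * validated: url(), @import and similar constructs pass through unchanged.
 *
 * @param string $input Entered value.
 * @return string CSS with all tags removed, or '' for an empty value.
 *
 * @since Create 2.1
 */
function create_sanitize_custom_css($input)
{
    if ($input == '') {
        return '';
    }

    // Hide "<=" from kses, which would otherwise read it as the start of a tag.
    // The replacement has to be the entity form: replacing '<=' with itself does nothing.
    $input = str_replace('<=', '&lt;=', $input);

    // Empty allow-lists: every tag is removed.
    $input = wp_kses_split($input, array(), array());

    // kses encodes a lone '>' as '&gt;'; turn it back so child selectors (a > b) survive.
    $input = str_replace('&gt;', '>', $input);

    // Second pass, because the replace above may have completed a tag again.
    return strip_tags($input);
}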
开发者ID:peisheng,项目名称:wp,代码行数:19,代码来源:customizer-sanitize-functions.php
示例5: validate
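/**
 * Field Validation Function.
 * Strips markup from the submitted CSS and sets a warning when the value changed.
 *
 * Only tags are removed; the CSS is not parsed, so property values such as
 * url() are left as entered.
 *
 * @since ReduxFramework 3.0.0
 */
function validate()
{
    $data = $this->value;

    // Hide "<=" from kses, which would otherwise treat it as the start of a tag.
    // The entity form is required: replacing '<=' with itself is a no-op.
    $data = str_replace('<=', '&lt;=', $data);

    // Why KSES instead of strip_tags? Who knows?
    $data = wp_kses_split($data, array(), array());

    // kses replaces lone '>' with '&gt;'; restore it so child selectors keep working.
    $data = str_replace('&gt;', '>', $data);

    // Why both KSES and strip_tags? Because we just added some '>'.
    $data = strip_tags($data);

    // Compared against the raw value, so a "<=" rewritten above also counts as a change.
    if ($data != $this->value) {
        $this->warning = __('Unsafe strings were found in your CSS and have been filtered out.', 'redux-framework');
    }
    $this->value = $data;
}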
开发者ID:aguerojahannes,项目名称:aguerojahannes.com,代码行数:21,代码来源:validation_css.php
示例6: wp_kses
/**
 * Makes sure that only the allowed HTML element names, attribute names and
 * attribute values, plus only sane HTML entities, occur in $string.
 *
 * You have to remove any slashes from PHP's magic quotes before you call
 * this function.
 *
 * How strict the filter is depends entirely on $allowed_html and
 * $allowed_protocols; the default protocol list is broad (it includes
 * 'telnet' and 'gopher'), so narrow it where links should only be web URLs.
 *
 * @param string $string            Untrusted markup.
 * @param array  $allowed_html      Allowed elements and their attributes.
 * @param array  $allowed_protocols Optional. Allowed URL schemes.
 * @return string Filtered markup.
 */
function wp_kses($string, $allowed_html, $allowed_protocols = array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'feed', 'gopher', 'mailto'))
{
    $text = wp_kses_no_null($string);
    $text = wp_kses_js_entities($text);
    $text = wp_kses_normalize_entities($text);
    $text = wp_kses_hook($text);

    $allow_list = wp_kses_array_lc($allowed_html);

    return wp_kses_split($text, $allow_list, $allowed_protocols);
}
开发者ID:staylor,项目名称:develop.svn.wordpress.org,代码行数:15,代码来源:kses.php
示例7: sanitize_css
/**
 * Strips tags from a CSS string and re-serialises it with CSSTidy.
 *
 * wp_kses_split() is called with empty allow-lists, so every tag is removed
 * before parsing. CSSTidy is configured to discard invalid properties.
 *
 * NOTE(review): no value filter (such as a replacement for $csstidy->optimise)
 * is installed here, so confirm whether url() or @import need to be blocked
 * for the users who can reach this method.
 *
 * @param string $css Raw CSS.
 * @return string CSS as printed by CSSTidy.
 */
public static function sanitize_css($css)
{
    if (!class_exists('csstidy')) {
        require_once 'class.csstidy.php';
    }

    $tidy = new csstidy();

    // Applied in this order; mostly turns CSSTidy's optimisations off.
    $settings = array(
        'remove_bslash' => false,
        'compress_colors' => false,
        'compress_font-weight' => false,
        'discard_invalid_properties' => true,
        'merge_selectors' => false,
        'remove_last_;' => false,
        'css_level' => 'CSS3.0',
    );
    foreach ($settings as $option => $setting) {
        $tidy->set_cfg($option, $setting);
    }

    // Double the backslash in front of four-hex-digit escapes such as \201C.
    $escaped = preg_replace('/\\\\([0-9a-fA-F]{4})/', '\\\\\\\\$1', $css);

    // Empty allow-lists: all tags are stripped.
    $tag_free = wp_kses_split($escaped, array(), array());

    $tidy->parse($tag_free);

    return $tidy->print->plain();
}
开发者ID:vilmark,项目名称:vilmark_main,代码行数:19,代码来源:class.csstidy_sanitize_wp.php
示例8: pixopoint_validate_css
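/**
 * Sanitises user-supplied CSS: strips tags, runs it through CSSTidy with the
 * safecss optimiser, then pretty-prints the result.
 *
 * @param string $css Raw (slashed) CSS.
 * @return string Sanitised CSS as returned by pixopoint_pretty_css().
 */
function pixopoint_validate_css($css)
{
    // SafeCSS / CSSTidy stuff
    require_once 'csstidy.php';

    // CSS sanitising gizmo
    $csstidy = new csstidy();
    $csstidy->optimise = new safecss($csstidy);
    $csstidy->set_cfg('remove_bslash', false);
    $csstidy->set_cfg('compress_colors', false);
    $csstidy->set_cfg('compress_font-weight', false);
    $csstidy->set_cfg('discard_invalid_properties', true);
    $csstidy->set_cfg('merge_selectors', false);
    // Outputs code comments
    $csstidy->set_cfg('preserve_css', true);
    // $csstidy->set_cfg( 'lowercase_s', false );
    // $csstidy->set_cfg( 'optimise_shorthands', 1 );
    // $csstidy->set_cfg( 'remove_last_;', false );
    // $csstidy->set_cfg( 'case_properties', 1 );
    // $csstidy->set_cfg( 'sort_properties', false );
    // $csstidy->set_cfg( 'sort_selectors', false );

    // Sanitisation stuff copied from SafeCSS by Automattic
    $css = stripslashes($css);

    // Double the backslash in front of four-hex-digit escapes such as \201C.
    $css = preg_replace('/\\\\([0-9a-fA-F]{4})/', '\\\\\\\\$1', $css);

    // Some people put weird stuff in their CSS, KSES tends to be greedy.
    // The replacement must be the entity form; replacing '<=' with itself does nothing.
    $css = str_replace('<=', '&lt;=', $css);

    // Why KSES instead of strip_tags? Who knows?
    $css = wp_kses_split($css, array(), array());

    // kses replaces lone '>' with '&gt;'; restore it so child selectors survive.
    $css = str_replace('&gt;', '>', $css);

    // Why both KSES and strip_tags? Because we just added some '>'.
    $css = strip_tags($css);

    // Parse with CSS Tidy and grab the CSS output
    $csstidy->parse($css);
    $css = $csstidy->print->plain();

    // Make CSS look pretty
    return pixopoint_pretty_css($css);
}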
开发者ID:pemiu01,项目名称:wppaintbrush,代码行数:40,代码来源:csstidy.php
示例9: firmasite_sanitize_customcss
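/**
 * Sanitises custom CSS from the theme options.
 *
 * With a safecss class available the CSS is tag-stripped and then parsed by
 * CSSTidy. Without one the value is still tag-stripped instead of being
 * returned untouched, so it cannot close the <style> element it is printed
 * into; in that case the CSS itself is not validated.
 *
 * @param string $css Raw CSS.
 * @return string Sanitised CSS.
 */
function firmasite_sanitize_customcss($css)
{
    // Sadly we can't include csstidy. The WordPress Theme Directory's automatic code checking system does not accept it.
    // You have 2 options for including a css checker: install jetpack and activate custom css, or copy csstidy's folder
    // from jetpack's plugin to the theme's functions folder.
    firmasite_safecss_class();

    $has_parser = class_exists('safecss') || class_exists('firmasite_safecss');

    if ($has_parser) {
        // Unslashing is kept to the parser path; the fallback never unslashed its input.
        $css = stripslashes($css);
    }

    // Some people put weird stuff in their CSS, KSES tends to be greedy.
    // The replacement must be the entity form; replacing '<=' with itself does nothing.
    $css = str_replace('<=', '&lt;=', $css);
    // Why KSES instead of strip_tags? Who knows?
    $css = wp_kses_split($css, array(), array());
    // kses replaces lone '>' with '&gt;'; restore it so child selectors survive.
    $css = str_replace('&gt;', '>', $css);
    // Why both KSES and strip_tags? Because we just added some '>'.
    $css = strip_tags($css);

    if (!$has_parser) {
        // No CSS parser: return the tag-stripped value rather than the raw input.
        return $css;
    }

    $csstidy = new csstidy();
    if (class_exists('firmasite_safecss')) {
        $csstidy->optimise = new firmasite_safecss($csstidy);
    } else {
        $csstidy->optimise = new safecss($csstidy);
    }
    $csstidy->set_cfg('remove_bslash', false);
    $csstidy->set_cfg('compress_colors', false);
    $csstidy->set_cfg('compress_font-weight', false);
    $csstidy->set_cfg('optimise_shorthands', 0);
    $csstidy->set_cfg('remove_last_;', false);
    $csstidy->set_cfg('case_properties', false);
    $csstidy->set_cfg('discard_invalid_properties', true);
    $csstidy->set_cfg('css_level', 'CSS3.0');
    $csstidy->set_cfg('preserve_css', true);
    $csstidy->set_cfg('template', dirname(__FILE__) . '/csstidy/wordpress-standard.tpl');

    $csstidy->parse($css);

    return $csstidy->print->plain();
}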
开发者ID:paulmedwal,项目名称:edxforumspublic,代码行数:38,代码来源:custom-custom-css.php
示例10: validate
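/**
 * Field Validation Function.
 * Strips tags from the submitted CSS, re-serialises it with CSSTidy and sets
 * a warning message when the filtering changed anything.
 *
 * @since ReduxFramework 3.0.0
 */
function validate()
{
    require_once dirname(__FILE__) . '/csstidy/class.csstidy.php';
    $csstidy = new csstidy();
    $csstidy->set_cfg('remove_bslash', false);
    $csstidy->set_cfg('compress_colors', false);
    $csstidy->set_cfg('compress_font-weight', false);
    $csstidy->set_cfg('optimise_shorthands', 0);
    $csstidy->set_cfg('remove_last_;', false);
    $csstidy->set_cfg('case_properties', false);
    $csstidy->set_cfg('discard_invalid_properties', true);
    $csstidy->set_cfg('css_level', 'CSS3.0');
    $csstidy->set_cfg('preserve_css', true);
    $csstidy->set_cfg('template', dirname(__FILE__) . '/csstidy/wordpress-standard.tpl');

    $css = $this->value;

    // Double the backslash in front of four-hex-digit escapes; flag the field if any were found.
    $prev = $css;
    $css = preg_replace('/\\\\([0-9a-fA-F]{4})/', '\\\\\\\\$1', $css);
    if ($css != $prev) {
        $this->warning = true;
    }

    // Some people put weird stuff in their CSS, KSES tends to be greedy.
    // The replacement must be the entity form; replacing '<=' with itself does nothing.
    $css = str_replace('<=', '&lt;=', $css);

    // Why KSES instead of strip_tags? Who knows?
    $prev = $css;
    $css = wp_kses_split($css, array(), array());

    // kses replaces lone '>' with '&gt;'. Restoring it here keeps child selectors
    // intact and stops a plain '>' from being reported as an unsafe string below.
    $css = str_replace('&gt;', '>', $css);

    // Why both KSES and strip_tags? Because we just added some '>'.
    $css = strip_tags($css);
    if ($css != $prev) {
        $this->warning = true;
    }

    $csstidy->parse($css);
    $this->value = $csstidy->print->plain();

    // Swap the boolean flag for the message shown to the user.
    if (isset($this->warning) && $this->warning) {
        $this->warning = __('Unsafe strings were found in your CSS and have been filtered out.', 'redux-framework');
    }
}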
开发者ID:justinwool,项目名称:vortago,代码行数:42,代码来源:validation_css.php
示例11: custom_css_sanitize
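/**
 * Sanitize CSS input by removing every tag from it.
 *
 * The CSS is not parsed or validated; only markup is stripped, so the value
 * cannot close the <style> element it is printed into.
 *
 * @since 0.9.5
 * @access private
 *
 * @param string $css Raw CSS.
 * @return string CSS without tags; an empty value is returned unchanged.
 */
function custom_css_sanitize($css)
{
    if ('' != $css) {
        // Hide "<=" from kses, which would otherwise read it as the start of a tag.
        // The replacement must be the entity form; replacing '<=' with itself does nothing.
        $css = str_replace('<=', '&lt;=', $css);

        // Empty allow-lists: every tag is removed.
        $css = wp_kses_split($css, array(), array());

        // kses encodes a lone '>' as '&gt;'; restore it so child selectors survive.
        $css = str_replace('&gt;', '>', $css);

        // Second pass, because the replace above may have completed a tag again.
        $css = strip_tags($css);
    }

    return $css;
}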
开发者ID:javipaur,项目名称:TiendaVirtual,代码行数:17,代码来源:custom-css.php
示例12: update_settings
/**
 * Builds the plugin's $options array from the submitted settings form.
 *
 * Checkbox fields are stored as '1'/'0' according to whether the key is
 * present; URLs go through esc_url_raw(), rich-text messages through
 * wp_kses_post(), short messages through wp_kses_data() or
 * sanitize_text_field(), and counters through absint().
 *
 * NOTE(review): no nonce check (e.g. check_admin_referer()) or capability
 * check is visible in this excerpt - confirm the caller performs both before
 * this method runs, since it reads $_POST directly.
 */
public function update_settings()
{
global $register_plus_redux;
$options = array();
$redux_usermeta = array();
// WordPress adds slashes to request data; undo that once for the whole array.
// This overwrites the superglobal for the rest of the request.
$_POST = stripslashes_deep((array) $_POST);
if (isset($_POST['custom_logo_url']) && !isset($_POST['remove_logo'])) {
$options['custom_logo_url'] = esc_url_raw((string) $_POST['custom_logo_url']);
}
$options['verify_user_email'] = isset($_POST['verify_user_email']) ? '1' : '0';
$options['message_verify_user_email'] = isset($_POST['message_verify_user_email']) ? wp_kses_post((string) $_POST['message_verify_user_email']) : '';
$options['verify_user_admin'] = isset($_POST['verify_user_admin']) ? '1' : '0';
$options['message_verify_user_admin'] = isset($_POST['message_verify_user_admin']) ? wp_kses_post((string) $_POST['message_verify_user_admin']) : '';
$options['delete_unverified_users_after'] = isset($_POST['delete_unverified_users_after']) ? absint((string) $_POST['delete_unverified_users_after']) : '0';
$options['registration_redirect_url'] = isset($_POST['registration_redirect_url']) ? esc_url_raw((string) $_POST['registration_redirect_url']) : '';
$options['verification_redirect_url'] = isset($_POST['verification_redirect_url']) ? esc_url_raw((string) $_POST['verification_redirect_url']) : '';
$options['autologin_user'] = isset($_POST['autologin_user']) ? '1' : '0';
$options['username_is_email'] = isset($_POST['username_is_email']) ? '1' : '0';
$options['double_check_email'] = isset($_POST['double_check_email']) ? '1' : '0';
// NOTE(review): the elements of show_fields and required_fields are stored
// exactly as submitted; nothing visible here restricts them to known field
// names - confirm they are validated before they are used or printed.
if (isset($_POST['show_fields']) && is_array($_POST['show_fields'])) {
$options['show_fields'] = (array) $_POST['show_fields'];
}
if (isset($_POST['required_fields']) && is_array($_POST['required_fields'])) {
$options['required_fields'] = (array) $_POST['required_fields'];
}
$options['user_set_password'] = isset($_POST['user_set_password']) ? '1' : '0';
$options['min_password_length'] = isset($_POST['min_password_length']) ? absint($_POST['min_password_length']) : 0;
$options['disable_password_confirmation'] = isset($_POST['disable_password_confirmation']) ? '1' : '0';
$options['show_password_meter'] = isset($_POST['show_password_meter']) ? '1' : '0';
$options['message_empty_password'] = isset($_POST['message_empty_password']) ? wp_kses_data((string) $_POST['message_empty_password']) : '';
$options['message_short_password'] = isset($_POST['message_short_password']) ? wp_kses_data((string) $_POST['message_short_password']) : '';
$options['message_bad_password'] = isset($_POST['message_bad_password']) ? wp_kses_data((string) $_POST['message_bad_password']) : '';
$options['message_good_password'] = isset($_POST['message_good_password']) ? wp_kses_data((string) $_POST['message_good_password']) : '';
$options['message_strong_password'] = isset($_POST['message_strong_password']) ? wp_kses_data((string) $_POST['message_strong_password']) : '';
$options['message_mismatch_password'] = isset($_POST['message_mismatch_password']) ? wp_kses_data((string) $_POST['message_mismatch_password']) : '';
$options['enable_invitation_code'] = isset($_POST['enable_invitation_code']) ? '1' : '0';
// Kept in a local variable, unsanitized at this point; its use is in the part
// of the method that is not shown.
if (isset($_POST['invitation_code_bank']) && is_array($_POST['invitation_code_bank'])) {
$invitation_code_bank = (array) $_POST['invitation_code_bank'];
}
$options['require_invitation_code'] = isset($_POST['require_invitation_code']) ? '1' : '0';
$options['invitation_code_case_sensitive'] = isset($_POST['invitation_code_case_sensitive']) ? '1' : '0';
$options['invitation_code_unique'] = isset($_POST['invitation_code_unique']) ? '1' : '0';
$options['enable_invitation_tracking_widget'] = isset($_POST['enable_invitation_tracking_widget']) ? '1' : '0';
$options['show_disclaimer'] = isset($_POST['show_disclaimer']) ? '1' : '0';
$options['message_disclaimer_title'] = isset($_POST['message_disclaimer_title']) ? sanitize_text_field((string) $_POST['message_disclaimer_title']) : '';
$options['message_disclaimer'] = isset($_POST['message_disclaimer']) ? wp_kses_post((string) $_POST['message_disclaimer']) : '';
$options['require_disclaimer_agree'] = isset($_POST['require_disclaimer_agree']) ? '1' : '0';
$options['message_disclaimer_agree'] = isset($_POST['message_disclaimer_agree']) ? sanitize_text_field((string) $_POST['message_disclaimer_agree']) : '';
$options['show_license'] = isset($_POST['show_license']) ? '1' : '0';
$options['message_license_title'] = isset($_POST['message_license_title']) ? sanitize_text_field((string) $_POST['message_license_title']) : '';
$options['message_license'] = isset($_POST['message_license']) ? wp_kses_post((string) $_POST['message_license']) : '';
$options['require_license_agree'] = isset($_POST['require_license_agree']) ? '1' : '0';
$options['message_license_agree'] = isset($_POST['message_license_agree']) ? sanitize_text_field((string) $_POST['message_license_agree']) : '';
$options['show_privacy_policy'] = isset($_POST['show_privacy_policy']) ? '1' : '0';
$options['message_privacy_policy_title'] = isset($_POST['message_privacy_policy_title']) ? sanitize_text_field((string) $_POST['message_privacy_policy_title']) : '';
$options['message_privacy_policy'] = isset($_POST['message_privacy_policy']) ? wp_kses_post((string) $_POST['message_privacy_policy']) : '';
$options['require_privacy_policy_agree'] = isset($_POST['require_privacy_policy_agree']) ? '1' : '0';
$options['message_privacy_policy_agree'] = isset($_POST['message_privacy_policy_agree']) ? sanitize_text_field((string) $_POST['message_privacy_policy_agree']) : '';
$options['default_css'] = isset($_POST['default_css']) ? '1' : '0';
// Defaults to '' and is only replaced when the filtered CSS still matches the
// dummy rule checked at the end of this branch.
$options['required_fields_style'] = '';
if (isset($_POST['required_fields_style'])) {
// Stolen from Jetpack 2.0.4 custom-css.php Jetpack_Custom_CSS::filter_attr()
require_once 'csstidy/class.csstidy.php';
$csstidy = new csstidy();
$csstidy->set_cfg('remove_bslash', FALSE);
$csstidy->set_cfg('compress_colors', FALSE);
$csstidy->set_cfg('compress_font-weight', FALSE);
$csstidy->set_cfg('discard_invalid_properties', TRUE);
$csstidy->set_cfg('merge_selectors', FALSE);
$csstidy->set_cfg('remove_last_;', FALSE);
$csstidy->set_cfg('css_level', 'CSS3.0');
// Wrap the submitted declarations in a dummy "div" rule so CSSTidy parses
// them as a complete rule set.
$required_fields_style = 'div {' . (string) $_POST['required_fields_style'] . '}';
// Double the backslash in front of four-hex-digit escapes such as \201C.
$required_fields_style = preg_replace('/\\\\([0-9a-fA-F]{4})/', '\\\\\\\\$1', $required_fields_style);
// Empty allow-lists: every tag is stripped before parsing.
$required_fields_style = wp_kses_split($required_fields_style, array(), array());
$csstidy->parse($required_fields_style);
$required_fields_style = $csstidy->print->plain();
$required_fields_style = str_replace(array("\n", "\r", "\t"), '', $required_fields_style);
// Keep only what CSSTidy printed between the braces of the dummy rule.
preg_match("/^div\\s*{(.*)}\\s*\$/", $required_fields_style, $matches);
if (!empty($matches[1])) {
$options['required_fields_style'] = $matches[1];
}
}
$options['required_fields_asterisk'] = isset($_POST['required_fields_asterisk']) ? '1' : '0';
$options['starting_tabindex'] = isset($_POST['starting_tabindex']) ? absint($_POST['starting_tabindex']) : 0;
/*
if ( isset( $_POST['datepicker_firstdayofweek'] ) ) $options['datepicker_firstdayofweek'] = absint( $_POST['datepicker_firstdayofweek'] );
if ( isset( $_POST['datepicker_dateformat'] ) ) $options['datepicker_dateformat'] = sanitize_text_field( (string) $_POST['datepicker_dateformat'] );
if ( isset( $_POST['datepicker_startdate'] ) ) $options['datepicker_startdate'] = sanitize_text_field( (string) $_POST['datepicker_startdate'] );
if ( isset( $_POST['datepicker_calyear'] ) ) $options['datepicker_calyear'] = sanitize_text_field( (string) $_POST['datepicker_calyear'] );
if ( isset( $_POST['datepicker_calmonth'] ) ) $options['datepicker_calmonth'] = sanitize_text_field( (string) $_POST['datepicker_calmonth'] );
*/
$options['disable_user_message_registered'] = isset($_POST['disable_user_message_registered']) ? '1' : '0';
$options['disable_user_message_created'] = isset($_POST['disable_user_message_created']) ? '1' : '0';
$options['custom_user_message'] = isset($_POST['custom_user_message']) ? '1' : '0';
// NOTE(review): the from-address and from-name presumably end up in mail
// headers; sanitize_text_field() does not validate an e-mail address -
// confirm the sending code validates it (not visible here).
$options['user_message_from_email'] = isset($_POST['user_message_from_email']) ? sanitize_text_field((string) $_POST['user_message_from_email']) : '';
$options['user_message_from_name'] = isset($_POST['user_message_from_name']) ? sanitize_text_field((string) $_POST['user_message_from_name']) : '';
$options['user_message_subject'] = isset($_POST['user_message_subject']) ? sanitize_text_field((string) $_POST['user_message_subject']) : '';
$options['user_message_body'] = isset($_POST['user_message_body']) ? wp_kses_post((string) $_POST['user_message_body']) : '';
$options['send_user_message_in_html'] = isset($_POST['send_user_message_in_html']) ? '1' : '0';
$options['user_message_newline_as_br'] = isset($_POST['user_message_newline_as_br']) ? '1' : '0';
//.........这里部分代码省略.........
开发者ID:raj-rk,项目名称:Raj,代码行数:101,代码来源:rpr-admin-menu.php
示例13: sanitize_settings_choices
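/**
 * Sanitize the field choices property.
 *
 * Each choice has its 'isSelected' flag cast to bool, its 'price' normalised
 * through GFCommon, its 'text' passed to maybe_wp_kses() and its 'value' run
 * through the kses tag filter for the 'post' context.
 *
 * The 'value' is filtered without entity normalisation ("don't encode"), so
 * it still has to be escaped for the context it is printed into.
 *
 * @param array|null $choices The field choices property. When null, the
 *                            field's own $this->choices is sanitized in place.
 *
 * @return array|null
 */
public function sanitize_settings_choices($choices = null)
{
    if (is_null($choices)) {
        // Bind by reference so the edits below land on the field itself.
        $choices =& $this->choices;
    }
    if (!is_array($choices)) {
        return $choices;
    }
    foreach ($choices as &$choice) {
        if (isset($choice['isSelected'])) {
            $choice['isSelected'] = (bool) $choice['isSelected'];
        }
        // empty() already covers the unset case, so no separate isset() is needed.
        if (!empty($choice['price'])) {
            $price_number = GFCommon::to_number($choice['price']);
            $choice['price'] = GFCommon::to_money($price_number);
        }
        if (isset($choice['text'])) {
            $choice['text'] = $this->maybe_wp_kses($choice['text']);
        }
        if (isset($choice['value'])) {
            // Strip scripts but don't encode
            $allowed_protocols = wp_allowed_protocols();
            $choice['value'] = wp_kses_no_null($choice['value'], array('slash_zero' => 'keep'));
            $choice['value'] = wp_kses_hook($choice['value'], 'post', $allowed_protocols);
            $choice['value'] = wp_kses_split($choice['value'], 'post', $allowed_protocols);
        }
    }
    // Break the reference left behind by the by-reference foreach.
    unset($choice);

    return $choices;
}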
开发者ID:SayenkoDesign,项目名称:ividf,代码行数:36,代码来源:class-gf-field.php
示例14: sanitize_entry_value
/**
 * Override this method to implement the appropriate sanitization specific to the field type before the value is saved.
 *
 * This base method provides a generic sanitization similar to wp_kses but values are not encoded.
 * Scripts are stripped out, leaving allowed tags if HTML is allowed.
 *
 * Because wp_kses_normalize_entities() is not applied, the stored value still
 * has to be escaped for the context it is later printed into.
 *
 * @param string $value   The field value to be processed. Arrays are rejected and yield ''.
 * @param int    $form_id The ID of the form currently being processed.
 *
 * @return string
 */
public function sanitize_entry_value($value, $form_id)
{
    if (is_array($value)) {
        return '';
    }

    // Field types opt in to HTML; the gform_allowable_tags filter can override that.
    // A result of exactly true skips strip_tags(); anything else is passed to it as the tag list.
    $allowable_tags = gf_apply_filters(array('gform_allowable_tags', $form_id), $this->allow_html(), $this, $form_id);
    if (true !== $allowable_tags) {
        $value = strip_tags($value, $allowable_tags);
    }

    // The kses 'post' context is applied in every case, including when strip_tags() was skipped.
    $protocols = wp_allowed_protocols();
    $without_nulls = wp_kses_no_null($value, array('slash_zero' => 'keep'));
    $hooked = wp_kses_hook($without_nulls, 'post', $protocols);

    return wp_kses_split($hooked, 'post', $protocols);
}
开发者ID:timk85,项目名称:DIT,代码行数:28,代码来源:class-gf-field.php
示例15: sanitize_css
/**
 * Sanitize user entered css
 * as seen here: http://wordpress.stackexchange.com/questions/53970/sanitize-user-entered-css
 *
 * All tags are stripped (wp_kses_split() with empty allow-lists) and the rest
 * is parsed and printed by CSSTidy with invalid properties discarded.
 *
 * NOTE(review): CSSTidy runs here without a value filter, so treat the result
 * as tag-free, normalised CSS - confirm whether url() or @import values need
 * extra restrictions for the users who can submit this field.
 *
 * @param string $css Raw CSS.
 * @return string CSS as printed by CSSTidy.
 */
function sanitize_css($css)
{
    if (!class_exists('csstidy')) {
        include_once 'csstidy/class.csstidy.php';
    }

    $parser = new csstidy();

    // Option/value pairs, applied in the order listed.
    $config = array(
        array('remove_bslash', false),
        array('compress_colors', false),
        array('compress_font-weight', false),
        array('discard_invalid_properties', true),
        array('merge_selectors', false),
        array('remove_last_;', false),
        array('css_level', 'CSS3.0'),
    );
    foreach ($config as $pair) {
        $parser->set_cfg($pair[0], $pair[1]);
    }

    // Double the backslash in front of four-hex-digit escapes, then drop every tag.
    $prepared = wp_kses_split(
        preg_replace('/\\\\([0-9a-fA-F]{4})/', '\\\\\\\\$1', $css),
        array(),
        array()
    );

    $parser->parse($prepared);

    return $parser->print->plain();
}
开发者ID:bigkey,项目名称:php-getting-started,代码行数:24,代码来源:bm-custom-login.php
示例16: EscapeAndFilterPostKSES
/**
 * Filters a string through kses using the post allow-list, adjusted by the caller.
 *
 * Every tag added through $arrAllowedTags widens what untrusted input can
 * emit, so keep that list as small as the feature allows.
 *
 * @param string $strString           The string to filter.
 * @param array  $arrAllowedTags      Extra allowed tags, e.g. array( 'noscript' => array(), 'style' => array() ).
 * @param array  $arrDisallowedTags   Tags to remove from the allow-list, e.g. array( 'table', 'tbody', 'thoot', 'thead', 'th', 'tr' ).
 * @param array  $arrAllowedProtocols Allowed URL schemes; empty means wp_allowed_protocols().
 * @return string The filtered string.
 */
function EscapeAndFilterPostKSES($strString, $arrAllowedTags = array(), $arrDisallowedTags = array(), $arrAllowedProtocols = array())
{
    global $allowedposttags;

    // $arrAllowedHTML = array_replace_recursive( $allowedposttags, $arrAllowedTags ); // the second parameter takes over the first.
    // $arrAllowedHTML = wp_parse_args( $arrAllowedTags, $allowedposttags ); // the first parameter takes over the second.
    // The first parameter takes over the second.
    $arrAllowedHTML = $this->oUtil->UniteArraysRecursive($arrAllowedTags, $allowedposttags);

    foreach ($arrDisallowedTags as $strTag) {
        if (!isset($arrAllowedHTML[$strTag])) {
            continue;
        }
        unset($arrAllowedHTML[$strTag]);
    }

    if (empty($arrAllowedProtocols)) {
        $arrAllowedProtocols = wp_allowed_protocols();
    }

    // wp_filter_post_kses() adds slashes and the original function call stripped
    // them again - could be redundant but haven't fully tested it.
    $strString = stripslashes(addslashes($strString));

    // The wp_kses() pipeline.
    $strString = wp_kses_normalize_entities(
        wp_kses_js_entities(
            wp_kses_no_null($strString)
        )
    );
    // WP changed the order of these funcs and added args to wp_kses_hook
    $strString = wp_kses_hook($strString, $arrAllowedHTML, $arrAllowedProtocols);
    $strString = wp_kses_split($strString, $arrAllowedHTML, $arrAllowedProtocols);

    // Same add/strip round trip as above, mirroring wp_filter_post_kses().
    return stripslashes(addslashes($strString));
}
开发者ID:MarkSpencerTan,项目名称:webdev,代码行数:36,代码来源:ResponsiveColumnWidgets_Admin_Page_.php
示例17: cleanupCss
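/**
 * Clean up CSS.
 * Minimal intervention, but prevent users from injecting garbage.
 *
 * Only tags are stripped; the CSS is not parsed or validated here.
 *
 * @param string $css
 *
 * @return string
 */
protected static function cleanupCss($css)
{
    $warnings = array();

    $css = stripslashes($css);

    // Double the backslash in front of 2-4 hex-digit escapes.
    $prev = $css;
    $css = preg_replace('/\\\\([0-9a-fA-F]{2,4})/', '\\\\\\\\$1', $css);
    if ($css != $prev) {
        $warnings[] = 'preg_replace() double escaped unicode escape sequences';
    }

    // Some people put weird stuff in their CSS, KSES tends to be greedy.
    // The replacement must be the entity form; replacing '<=' with itself does nothing.
    $css = str_replace('<=', '&lt;=', $css);

    $prev = $css;
    $css = wp_kses_split($css, array(), array());

    // kses replaces lone '>' with '&gt;'. Restoring it keeps child selectors
    // intact and stops a plain '>' from showing up as a mismatch below.
    $css = str_replace('&gt;', '>', $css);

    // strip_tags() runs as well because the replace above may have completed a tag.
    $css = strip_tags($css);
    if ($css != $prev) {
        $warnings[] = 'kses() and strip_tags() do not match';
    }

    // TODO: Something with $warnings[]
    return $css;
}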
开发者ID:pressbooks,项目名称:pressbooks,代码行数:27,代码来源:class-pb-customcss.php
示例18: fanoe_sanitize_custom_css
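/**
 * Strips every tag from custom CSS.
 *
 * The CSS itself is not parsed or validated; removing markup only ensures the
 * value cannot close the <style> element it is printed into.
 *
 * @param string $value Raw CSS.
 * @return string CSS without tags.
 */
function fanoe_sanitize_custom_css($value)
{
    // Some people put weird stuff in their CSS, KSES tends to be greedy.
    // The replacement must be the entity form; replacing '<=' with itself does nothing.
    $css = str_replace('<=', '&lt;=', $value);

    // Why KSES instead of strip_tags? Who knows?
    $css = wp_kses_split($css, array(), array());

    // kses replaces lone '>' with '&gt;'; restore it so child selectors survive.
    $css = str_replace('&gt;', '>', $css);

    // Why both KSES and strip_tags? Because we just added some '>'.
    return strip_tags($css);
}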
开发者ID:AndroidScriptAS,项目名称:bismarck_smv,代码行数:12,代码来源:functions.php
示例19: sanitize_css
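/**
 * Sanitize the CSS for users without `unfiltered_html`.
 *
 * Users who hold the `unfiltered_html` capability get their CSS back
 * unchanged unless $args['force'] is set.
 *
 * When $args['preprocessor'] is set only the tag stripping runs here and the
 * CSSTidy/safecss pass is skipped.
 * NOTE(review): confirm the preprocessor's output is sanitized again before
 * it is stored or printed.
 *
 * @param string $css  Input CSS.
 * @param array  $args Array of CSS options: 'force' sanitizes regardless of
 *                     capability, 'preprocessor' skips the CSSTidy pass.
 *
 * @return mixed|string
 */
public static function sanitize_css($css, $args = array())
{
    $args = wp_parse_args($args, array('force' => false, 'preprocessor' => null));

    if ($args['force'] || !current_user_can('unfiltered_html')) {
        // Collected for the safecss_parse_post action below.
        $warnings = array();

        safecss_class();
        $csstidy = new csstidy();
        $csstidy->optimise = new safecss($csstidy);
        $csstidy->set_cfg('remove_bslash', false);
        $csstidy->set_cfg('compress_colors', false);
        $csstidy->set_cfg('compress_font-weight', false);
        $csstidy->set_cfg('optimise_shorthands', 0);
        $csstidy->set_cfg('remove_last_;', false);
        $csstidy->set_cfg('case_properties', false);
        $csstidy->set_cfg('discard_invalid_properties', true);
        $csstidy->set_cfg('css_level', 'CSS3.0');
        $csstidy->set_cfg('preserve_css', true);
        $csstidy->set_cfg('template', dirname(__FILE__) . '/csstidy/wordpress-standard.tpl');

        $prev = $css;
        // Double the backslash in front of four-hex-digit escapes.
        $css = preg_replace('/\\\\([0-9a-fA-F]{4})/', '\\\\\\\\$1', $css);
        // prevent content: '\3434' from turning into '\\3434'.
        $css = str_replace(array('\'\\\\', '"\\\\'), array('\'\\', '"\\'), $css);
        if ($css !== $prev) {
            $warnings[] = 'preg_replace found stuff';
        }

        // Some people put weird stuff in their CSS, KSES tends to be greedy.
        // The replacement must be the entity form; replacing '<=' with itself does nothing.
        $css = str_replace('<=', '&lt;=', $css);
        $prev = $css;

        // Why KSES instead of strip_tags? Who knows?
        $css = wp_kses_split($css, array(), array());

        // kses replaces lone '>' with '&gt;'. Restoring it keeps child selectors
        // intact and stops a plain '>' from being recorded as a kses finding.
        $css = str_replace('&gt;', '>', $css);

        // Why both KSES and strip_tags? Because we just added some '>'.
        $css = strip_tags($css);
        if ($css != $prev) {
            $warnings[] = 'kses found stuff';
        }

        // if we're not using a preprocessor.
        if (!$args['preprocessor']) {
            /** This action is documented in modules/custom-css/custom-css.php */
            do_action('safecss_parse_pre', $csstidy, $css, $args);
            $csstidy->parse($css);
            /** This action is documented in modules/custom-css/custom-css.php */
            do_action('safecss_parse_post', $csstidy, $warnings, $args);
            $css = $csstidy->print->plain();
        }
    }

    return $css;
}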
开发者ID:Automattic,项目名称:vip-mu-plugins-public,代码行数:57,代码来源:custom-css-4.7.php
示例20: escapeKSESFilter
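/**
 * Escapes the given string for the KSES filter with the criteria of allowing/disallowing tags and the protocol.
 *
 * Every tag added through $aAllowedTags widens what untrusted input can emit
 * (a `style` tag, for example, lets the content carry its own CSS), so keep
 * that list as small as the feature allows.
 *
 * @remark Attributes are not supported at this moment.
 * @param string $sString            The string to filter.
 * @param array  $aAllowedTags       e.g. array( 'noscript', 'style', )
 * @param array  $aDisallowedTags    e.g. array( 'table', 'tbody', 'thoot', 'thead', 'th', 'tr' )
 * @param array  $aAllowedProtocols  Allowed URL schemes; empty means wp_allowed_protocols().
 * @return string The filtered string.
 * @since 2.0.0
 */
public static function escapeKSESFilter($sString, $aAllowedTags = array(), $aDisallowedTags = array(), $aAllowedProtocols = array())
{
    // Start from an empty map so the default (no extra tags) does not hand an
    // undefined variable to uniteArrays().
    $aFormatAllowedTags = array();
    foreach ($aAllowedTags as $sTag) {
        // Empty attribute list: this entry allows the tag and adds no attributes of its own.
        $aFormatAllowedTags[$sTag] = array();
    }

    // The first parameter takes over the second.
    $aAllowedHTMLTags = AmazonAutoLinks_Utility::uniteArrays($aFormatAllowedTags, $GLOBALS['allowedposttags']);

    foreach ($aDisallowedTags as $sTag) {
        if (isset($aAllowedHTMLTags[$sTag])) {
            unset($aAllowedHTMLTags[$sTag]);
        }
    }

    if (empty($aAllowedProtocols)) {
        $aAllowedProtocols = wp_allowed_protocols();
    }

    // wp_filter_post_kses() adds slashes ...
    $sString = addslashes($sString);
    // ... and the original function call stripped them again - could be redundant but haven't fully tested it.
    $sString = stripslashes($sString);

    // The wp_kses() pipeline.
    $sString = wp_kses_no_null($sString);
    $sString = wp_kses_js_entities($sString);
    $sString = wp_kses_normalize_entities($sString);
    // WP changed the order of these funcs and added args to wp_kses_hook
    $sString = wp_kses_hook($sString, $aAllowedHTMLTags, $aAllowedProtocols);
    $sString = wp_kses_split($sString, $aAllowedHTMLTags, $aAllowedProtocols);

    // Same add/strip round trip as above, mirroring wp_filter_post_kses().
    $sString = addslashes($sString);
    $sString = stripslashes($sString);

    return $sString;
}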
开发者ID:ashik968,项目名称:digiplot,代码行数:43,代码来源:AmazonAutoLinks_WPUtility.php
注:本文中的wp_kses_split函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |