CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
sanitize_key example
if ( is_array( $qv['fields'] ) ) {
$qv['fields'] = array_map( 'strtolower', $qv['fields'] );
$qv['fields'] = array_intersect( array_unique( $qv['fields'] ), $allowed_fields );
if ( empty( $qv['fields'] ) ) {
$qv['fields'] = array( 'id' );
}
$this->query_fields = array();
foreach ( $qv['fields'] as $field ) {
$field = 'id' === $field ? 'ID' : sanitize_key( $field );
$this->query_fields[] = "$wpdb->users.$field";
}
$this->query_fields = implode( ',', $this->query_fields );
} elseif ( 'all_with_meta' === $qv['fields'] || 'all' === $qv['fields'] || ! in_array( $qv['fields'], $allowed_fields, true ) ) {
$this->query_fields = "$wpdb->users.ID";
} else {
$field = 'id' === strtolower( $qv['fields'] ) ? 'ID' : sanitize_key( $qv['fields'] );
$this->query_fields = "$wpdb->users.$field";
}
if ( isset( $qv['count_total'] ) && $qv['count_total'] ) {
$qv['fields'] = array_map( 'strtolower', $qv['fields'] );
$qv['fields'] = array_intersect( array_unique( $qv['fields'] ), $allowed_fields );
if ( empty( $qv['fields'] ) ) {
$qv['fields'] = array( 'id' );
}
$this->query_fields = array();
foreach ( $qv['fields'] as $field ) {
$field = 'id' === $field ? 'ID' : sanitize_key( $field );
$this->query_fields[] = "$wpdb->users.$field";
}
$this->query_fields = implode( ',', $this->query_fields );
} elseif ( 'all_with_meta' === $qv['fields'] || 'all' === $qv['fields'] || ! in_array( $qv['fields'], $allowed_fields, true ) ) {
$this->query_fields = "$wpdb->users.ID";
} else {
$field = 'id' === strtolower( $qv['fields'] ) ? 'ID' : sanitize_key( $qv['fields'] );
$this->query_fields = "$wpdb->users.$field";
}
if ( isset( $qv['count_total'] ) && $qv['count_total'] ) {
if ( empty( $_REQUEST['post_format'] ) || $post->ID != $post_id
|| 'post_format' !== $taxonomy || 'revision' === $post->post_type
) {
return $terms;
}
if ( 'standard' === $_REQUEST['post_format'] ) {
$terms = array();
} else {
$term = get_term_by( 'slug', 'post-format-' . sanitize_key( $_REQUEST['post_format'] ), 'post_format' );
if ( $term ) {
$terms = array( $term ); // Can only have one post format. }
}
return $terms;
}
/** * Filters post thumbnail lookup to set the post thumbnail. * * @since 4.6.0 * @access private * * @param null|array|string $value The value to return - a single metadata value, or an array of values. * @param int $post_id Post ID. * @param string $meta_key Meta key. * @return null|array The default return value or the post thumbnail meta array. */
'error'
);
} else {
add_settings_error(
'privacy_action_email_retry',
'privacy_action_email_retry',
__( 'Confirmation request sent again successfully.' ),
'success'
);
}
} elseif ( isset( $_POST['action'] ) ) {
$action = ! empty( $_POST['action'] ) ? sanitize_key( wp_unslash( $_POST['action'] ) ) : '';
switch ( $action ) {
case 'add_export_personal_data_request':
case 'add_remove_personal_data_request':
check_admin_referer( 'personal-data-request' );
if ( ! isset( $_POST['type_of_action'], $_POST['username_or_email_for_privacy_request'] ) ) {
add_settings_error(
'action_type',
'action_type',
__( 'Invalid personal data action.' ),
);
} else {
add_settings_error(
'privacy_action_email_retry',
'privacy_action_email_retry',
__( 'Confirmation request sent again successfully.' ),
'success'
);
}
} elseif ( isset( $_POST['action'] ) ) {
$action = ! empty( $_POST['action'] ) ? sanitize_key( wp_unslash( $_POST['action'] ) ) : '';
switch ( $action ) {
case 'add_export_personal_data_request':
case 'add_remove_personal_data_request':
check_admin_referer( 'personal-data-request' );
if ( ! isset( $_POST['type_of_action'], $_POST['username_or_email_for_privacy_request'] ) ) {
add_settings_error(
'action_type',
'action_type',
__( 'Invalid personal data action.' ),
$menu_item_value = array_merge( $default, $menu_item_value );
$menu_item_value = wp_array_slice_assoc( $menu_item_value, array_keys( $default ) );
$menu_item_value['position'] = (int) $menu_item_value['position'];
foreach ( array( 'object_id', 'menu_item_parent', 'nav_menu_term_id' ) as $key ) {
// Note we need to allow negative-integer IDs for previewed objects not inserted yet. $menu_item_value[ $key ] = (int) $menu_item_value[ $key ];
}
foreach ( array( 'type', 'object', 'target' ) as $key ) {
$menu_item_value[ $key ] = sanitize_key( $menu_item_value[ $key ] );
}
foreach ( array( 'xfn', 'classes' ) as $key ) {
$value = $menu_item_value[ $key ];
if ( ! is_array( $value ) ) {
$value = explode( ' ', $value );
}
$menu_item_value[ $key ] = implode( ' ', array_map( 'sanitize_html_class', $value ) );
}
$menu_item_value['original_title'] = sanitize_text_field( $menu_item_value['original_title'] );
$args['menu-item-object-id'] = $menu_item_db_id;
$args['menu-item-object'] = 'custom';
}
$menu_item_db_id = (int) $menu_item_db_id;
// Reset invalid `menu_item_parent`. if ( (int) $args['menu-item-parent-id'] === $menu_item_db_id ) {
$args['menu-item-parent-id'] = 0;
}
update_post_meta( $menu_item_db_id, '_menu_item_type', sanitize_key( $args['menu-item-type'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_menu_item_parent', (string) ( (int) $args['menu-item-parent-id'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_object_id', (string) ( (int) $args['menu-item-object-id'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_object', sanitize_key( $args['menu-item-object'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_target', sanitize_key( $args['menu-item-target'] ) );
$args['menu-item-classes'] = array_map( 'sanitize_html_class', explode( ' ', $args['menu-item-classes'] ) );
$args['menu-item-xfn'] = implode( ' ', array_map( 'sanitize_html_class', explode( ' ', $args['menu-item-xfn'] ) ) );
update_post_meta( $menu_item_db_id, '_menu_item_classes', $args['menu-item-classes'] );
update_post_meta( $menu_item_db_id, '_menu_item_xfn', $args['menu-item-xfn'] );
update_post_meta( $menu_item_db_id, '_menu_item_url', sanitize_url( $args['menu-item-url'] ) );
$args['menu-item-object'] = 'custom';
}
$menu_item_db_id = (int) $menu_item_db_id;
// Reset invalid `menu_item_parent`. if ( (int) $args['menu-item-parent-id'] === $menu_item_db_id ) {
$args['menu-item-parent-id'] = 0;
}
update_post_meta( $menu_item_db_id, '_menu_item_type', sanitize_key( $args['menu-item-type'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_menu_item_parent', (string) ( (int) $args['menu-item-parent-id'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_object_id', (string) ( (int) $args['menu-item-object-id'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_object', sanitize_key( $args['menu-item-object'] ) );
update_post_meta( $menu_item_db_id, '_menu_item_target', sanitize_key( $args['menu-item-target'] ) );
$args['menu-item-classes'] = array_map( 'sanitize_html_class', explode( ' ', $args['menu-item-classes'] ) );
$args['menu-item-xfn'] = implode( ' ', array_map( 'sanitize_html_class', explode( ' ', $args['menu-item-xfn'] ) ) );
update_post_meta( $menu_item_db_id, '_menu_item_classes', $args['menu-item-classes'] );
update_post_meta( $menu_item_db_id, '_menu_item_xfn', $args['menu-item-xfn'] );
update_post_meta( $menu_item_db_id, '_menu_item_url', sanitize_url( $args['menu-item-url'] ) );
$changeset_uuid = false;
/* * Set initially fo false since defaults to true for back-compat; * can be overridden via the customize_changeset_branching filter. */
$branching = false;
if ( $is_customize_admin_page && isset( $input_vars['changeset_uuid'] ) ) {
$changeset_uuid = sanitize_key( $input_vars['changeset_uuid'] );
} elseif ( ! empty( $input_vars['customize_changeset_uuid'] ) ) {
$changeset_uuid = sanitize_key( $input_vars['customize_changeset_uuid'] );
}
// Note that theme will be sanitized via WP_Theme. if ( $is_customize_admin_page && isset( $input_vars['theme'] ) ) {
$theme = $input_vars['theme'];
} elseif ( isset( $input_vars['customize_theme'] ) ) {
$theme = $input_vars['customize_theme'];
}
if ( ! $post_type && $hook_name ) {
if ( str_ends_with( $id, '-network' ) ) {
$id = substr( $id, 0, -8 );
$in_admin = 'network';
} elseif ( str_ends_with( $id, '-user' ) ) {
$id = substr( $id, 0, -5 );
$in_admin = 'user';
}
$id = sanitize_key( $id );
if ( 'edit-comments' !== $id && 'edit-tags' !== $id && str_starts_with( $id, 'edit-' ) ) {
$maybe = substr( $id, 5 );
if ( taxonomy_exists( $maybe ) ) {
$id = 'edit-tags';
$taxonomy = $maybe;
} elseif ( post_type_exists( $maybe ) ) {
$id = 'edit';
$post_type = $maybe;
}
}
/** * Sanitizes property names. * * @since 6.1.0 * * @param string $property The CSS property. * @return string The sanitized property name. */
protected function sanitize_property( $property ) {
return sanitize_key( $property );
}
}
'object' => wp_unslash( $_POST['object'] ),
'page' => empty( $_POST['page'] ) ? 0 : absint( $_POST['page'] ),
);
} else {
wp_send_json_error( 'nav_menus_missing_type_or_object_parameter' );
}
foreach ( $item_types as $item_type ) {
if ( empty( $item_type['type'] ) || empty( $item_type['object'] ) ) {
wp_send_json_error( 'nav_menus_missing_type_or_object_parameter' );
}
$type = sanitize_key( $item_type['type'] );
$object = sanitize_key( $item_type['object'] );
$page = empty( $item_type['page'] ) ? 0 : absint( $item_type['page'] );
$items = $this->load_available_items_query( $type, $object, $page );
if ( is_wp_error( $items ) ) {
wp_send_json_error( $items->get_error_code() );
}
$all_items[ $item_type['type'] . ':' . $item_type['object'] ] = $items;
}
wp_send_json_success( array( 'items' => $all_items ) );
}
'page' => empty( $_POST['page'] ) ? 0 : absint( $_POST['page'] ),
);
} else {
wp_send_json_error( 'nav_menus_missing_type_or_object_parameter' );
}
foreach ( $item_types as $item_type ) {
if ( empty( $item_type['type'] ) || empty( $item_type['object'] ) ) {
wp_send_json_error( 'nav_menus_missing_type_or_object_parameter' );
}
$type = sanitize_key( $item_type['type'] );
$object = sanitize_key( $item_type['object'] );
$page = empty( $item_type['page'] ) ? 0 : absint( $item_type['page'] );
$items = $this->load_available_items_query( $type, $object, $page );
if ( is_wp_error( $items ) ) {
wp_send_json_error( $items->get_error_code() );
}
$all_items[ $item_type['type'] . ':' . $item_type['object'] ] = $items;
}
wp_send_json_success( array( 'items' => $all_items ) );
}
public function get_sql( $type, $primary_table, $primary_id_column, $context = null ) {
$meta_table = _get_meta_table( $type );
if ( ! $meta_table ) {
return false;
}
$this->table_aliases = array();
$this->meta_table = $meta_table;
$this->meta_id_column = sanitize_key( $type . '_id' );
$this->primary_table = $primary_table;
$this->primary_id_column = $primary_id_column;
$sql = $this->get_sql_clauses();
/* * If any JOINs are LEFT JOINs (as in the case of NOT EXISTS), then all JOINs should * be LEFT. Otherwise posts with no metadata will be excluded from results. */
if ( str_contains( $sql['join'], 'LEFT JOIN' ) ) {
function has_post_format( $format = array(), $post = null ) {
$prefixed = array();
if ( $format ) {
foreach ( (array) $format as $single ) {
$prefixed[] = 'post-format-' . sanitize_key( $single );
}
}
return has_term( $prefixed, 'post_format', $post );
}
/** * Assign a format to a post * * @since 3.1.0 * * @param int|object $post The post for which to assign a format. * @param string $format A format to assign. Use an empty string or array to remove all formats from the post. * @return array|WP_Error|false Array of affected term IDs on success. WP_Error on error. */
);
$this->screen = convert_to_screen( $args['screen'] );
add_filter( "manage_{$this->screen->id}_columns", array( $this, 'get_columns' ), 0 );
if ( ! $args['plural'] ) {
$args['plural'] = $this->screen->base;
}
$args['plural'] = sanitize_key( $args['plural'] );
$args['singular'] = sanitize_key( $args['singular'] );
$this->_args = $args;
if ( $args['ajax'] ) {
// wp_enqueue_script( 'list-table' ); add_action( 'admin_footer', array( $this, '_js_vars' ) );
}
if ( empty( $this->modes ) ) {
$this->modes = array(
public function transform_query( &$query, $resulting_field ) {
if ( empty( $query['terms'] ) ) {
return;
}
if ( $query['field'] === $resulting_field ) {
return;
}
$resulting_field = sanitize_key( $resulting_field );
// Empty 'terms' always results in a null transformation. $terms = array_filter( $query['terms'] );
if ( empty( $terms ) ) {
$query['terms'] = array();
$query['field'] = $resulting_field;
return;
}
$args = array(
'get' => 'all',
} else {
if ( 'page' === $post_data['post_type'] ) {
return new WP_Error( 'edit_others_pages', __( 'Sorry, you are not allowed to create pages as this user.' ) );
} else {
return new WP_Error( 'edit_others_posts', __( 'Sorry, you are not allowed to create posts as this user.' ) );
}
}
}
if ( ! empty( $post_data['post_status'] ) ) {
$post_data['post_status'] = sanitize_key( $post_data['post_status'] );
// No longer an auto-draft. if ( 'auto-draft' === $post_data['post_status'] ) {
$post_data['post_status'] = 'draft';
}
if ( ! get_post_status_object( $post_data['post_status'] ) ) {
unset( $post_data['post_status'] );
}
}
if ( $is_preset ) {
$slug = self::get_slug_from_attribute( $duotone_attr ); // e.g. 'blue-orange'. $filter_id = self::get_filter_id( $slug ); // e.g. 'wp-duotone-filter-blue-orange'. $filter_value = self::get_css_var( $slug ); // e.g. 'var(--wp--preset--duotone--blue-orange)'.
// CSS custom property, SVG filter, and block CSS. self::enqueue_global_styles_preset( $filter_id, $duotone_selector, $filter_value );
} elseif ( $is_css ) {
$slug = wp_unique_id( sanitize_key( $duotone_attr . '-' ) ); // e.g. 'unset-1'. $filter_id = self::get_filter_id( $slug ); // e.g. 'wp-duotone-filter-unset-1'. $filter_value = $duotone_attr; // e.g. 'unset'.
// Just block CSS. self::enqueue_block_css( $filter_id, $duotone_selector, $filter_value );
} elseif ( $is_custom ) {
$slug = wp_unique_id( sanitize_key( implode( '-', $duotone_attr ) . '-' ) ); // e.g. '000000-ffffff-2'. $filter_id = self::get_filter_id( $slug ); // e.g. 'wp-duotone-filter-000000-ffffff-2'. $filter_value = self::get_filter_url( $filter_id ); // e.g. 'url(#wp-duotone-filter-000000-ffffff-2)'. $filter_data = array(
'slug' => $slug,
$slug = self::get_slug_from_attribute( $duotone_attr ); // e.g. 'blue-orange'. $filter_id = self::get_filter_id( $slug ); // e.g. 'wp-duotone-filter-blue-orange'. $filter_value = self::get_css_var( $slug ); // e.g. 'var(--wp--preset--duotone--blue-orange)'.
// CSS custom property, SVG filter, and block CSS. self::enqueue_global_styles_preset( $filter_id, $duotone_selector, $filter_value );
} elseif ( $is_css ) {
$slug = wp_unique_id( sanitize_key( $duotone_attr . '-' ) ); // e.g. 'unset-1'. $filter_id = self::get_filter_id( $slug ); // e.g. 'wp-duotone-filter-unset-1'. $filter_value = $duotone_attr; // e.g. 'unset'.
// Just block CSS. self::enqueue_block_css( $filter_id, $duotone_selector, $filter_value );
} elseif ( $is_custom ) {
$slug = wp_unique_id( sanitize_key( implode( '-', $duotone_attr ) . '-' ) ); // e.g. '000000-ffffff-2'. $filter_id = self::get_filter_id( $slug ); // e.g. 'wp-duotone-filter-000000-ffffff-2'. $filter_value = self::get_filter_url( $filter_id ); // e.g. 'url(#wp-duotone-filter-000000-ffffff-2)'. $filter_data = array(
'slug' => $slug,