wp_unslash example

/**
 * Starts scraping edited file errors.
 *
 * Does nothing unless the request carries both `wp_scrape_key` and
 * `wp_scrape_nonce`. The key selects a transient named `scrape_key_<key>`,
 * and the request's nonce must be identical to the value stored there.
 *
 * @since 4.9.0
 */
function wp_start_scraping_edited_file_errors() {
    if ( ! isset( $_REQUEST['wp_scrape_key'] ) || ! isset( $_REQUEST['wp_scrape_nonce'] ) ) {
        return;
    }

    // wp_unslash() only removes the slashes WordPress adds to request data; it is not sanitization.
    // sanitize_key() and the 32-character cap are what constrain the key before it is used in a
    // transient name and echoed in the markers below.
    $key   = substr( sanitize_key( wp_unslash( $_REQUEST['wp_scrape_key'] ) ), 0, 32 );
    // The nonce is unslashed only. In the lines shown it is compared, never output.
    $nonce = wp_unslash( $_REQUEST['wp_scrape_nonce'] );

    // Strict comparison: a missing transient (get_transient() returns false) or a non-string
    // request value can never match, so both end up in the failure branch.
    // NOTE(review): `!==` is not a constant-time comparison; hash_equals() on two strings would
    // be, if timing matters for this check. Confirm against the nonce's lifetime and entropy.
    if ( get_transient( 'scrape_key_' . $key ) !== $nonce ) {
        // Report the failure as JSON between start/end markers that carry the sanitized key.
        echo "###### wp_scraping_result_start:$key ######";
        echo wp_json_encode(
            array(
                'code'    => 'scrape_nonce_failure',
                'message' => __( 'Scrape key check failed. Please try again.' ),
            )
        );
        echo "###### wp_scraping_result_end:$key ######";
        


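/**
 * Displays the search query.
 *
 * A simple wrapper to display the "s" parameter in a `GET` URI. This function
 * should only be used when the_search_query() cannot.
 *
 * The value is unslashed and then escaped with esc_attr() before it is echoed.
 * Nothing is printed when "s" is absent or is not a scalar.
 *
 * @since 2.7.0
 */
function _admin_search_query() {
    // A request can supply "s" as an array. Print nothing in that case rather than
    // push a non-string through esc_attr() and trigger a string-conversion warning.
    if ( ! isset( $_REQUEST['s'] ) || ! is_scalar( $_REQUEST['s'] ) ) {
        return;
    }

    // wp_unslash() undoes the slashes added to request data; esc_attr() is the output escaping.
    echo esc_attr( wp_unslash( $_REQUEST['s'] ) );
}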

/** * Generic Iframe header for use with Thickbox. * * @since 2.7.0 * * @global string $hook_suffix * @global string $admin_body_class * @global WP_Locale $wp_locale WordPress date and time locale object. * * @param string $title Optional. Title of the Iframe page. Default empty. * @param bool $deprecated Not used. */

    $defaults = apply_filters( 'term_exists_default_query_args', $defaults$term$taxonomy$parent_term );

    if ( is_int( $term ) ) {
        if ( 0 === $term ) {
            return 0;
        }
        $args  = wp_parse_args( array( 'include' => array( $term ) )$defaults );
        $terms = get_terms( $args );
    } else {
        $term = trim( wp_unslash( $term ) );
        if ( '' === $term ) {
            return null;
        }

        if ( ! empty( $taxonomy ) && is_numeric( $parent_term ) ) {
            $defaults['parent'] = (int) $parent_term;
        }

        $args  = wp_parse_args( array( 'slug' => sanitize_title( $term ) )$defaults );
        $terms = get_terms( $args );
        if ( empty( $terms ) || is_wp_error( $terms ) ) {
            
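$blog_meta_defaults = array(
        'lang_id' => 1,
        'public'  => $public,
    );

    // Handle the language setting for the new site.
    if ( ! empty( $_POST['WPLANG'] ) ) {

        $languages = signup_get_available_languages();

        // The strict allow-list match against the available languages is the control that
        // constrains this request value; a non-string or unknown value never gets past it.
        if ( in_array( $_POST['WPLANG'], $languages, true ) ) {
            // NOTE(review): sanitize_text_field() runs before wp_unslash() here, the reverse of
            // the usual unslash-then-sanitize order. It looks harmless because the raw value
            // already matched the allow-list exactly. Confirm before reusing this pattern
            // where no allow-list applies.
            $language = wp_unslash( sanitize_text_field( $_POST['WPLANG'] ) );

            if ( $language ) {
                $blog_meta_defaults['WPLANG'] = $language;
            }
        }
    }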

    /** * Filters the new site meta variables. * * Use the {@see 'add_signup_meta'} filter instead. * * @since MU (3.0.0) * @deprecated 3.0.0 Use the {@see 'add_signup_meta'} filter instead. * * @param array $blog_meta_defaults An array of default blog meta variables. */

    public function prepare_items() {
        require ABSPATH . 'wp-admin/includes/theme-install.php';

        global $tabs$tab$paged$type$theme_field_defaults;
        wp_reset_vars( array( 'tab' ) );

        $search_terms  = array();
        $search_string = '';
        if ( ! empty( $_REQUEST['s'] ) ) {
            $search_string = strtolower( wp_unslash( $_REQUEST['s'] ) );
            $search_terms  = array_unique( array_filter( array_map( 'trim', explode( ',', $search_string ) ) ) );
        }

        if ( ! empty( $_REQUEST['features'] ) ) {
            $this->features = $_REQUEST['features'];
        }

        $paged = $this->get_pagenum();

        $per_page = 36;

        
$submenu['themes.php'][6] = array( _x( 'Editor', 'site editor menu item' ), 'edit_theme_options', 'site-editor.php' );
}

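if ( ! wp_is_block_theme() && current_theme_supports( 'block-template-parts' ) ) {
    $submenu['themes.php'][6] = array(
        __( 'Template Parts' ),
        'edit_theme_options',
        'site-editor.php?path=/wp_template_part/all',
    );
}

// REQUEST_URI is request-controlled. It is unslashed, stripped of the removable query args,
// and URL-encoded before being attached as the 'return' argument of the Customizer link.
$customize_url = add_query_arg( 'return', urlencode( remove_query_arg( wp_removable_query_args(), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ), 'customize.php' );

// Hide Customize link on block themes unless a plugin or theme
// is using 'customize_register' to add a setting.
if ( ! wp_is_block_theme() || has_action( 'customize_register' ) ) {
    // Slot 6 is taken by a site-editor entry when the theme is a block theme or supports template parts.
    $position = ( wp_is_block_theme() || current_theme_supports( 'block-template-parts' ) ) ? 7 : 6;

    // esc_url() is applied when the URL is stored in the menu entry.
    $submenu['themes.php'][ $position ] = array( __( 'Customize' ), 'customize', esc_url( $customize_url ), '', 'hide-if-no-customize' );
}

if ( current_theme_supports( 'menus' ) || current_theme_supports( 'widgets' ) ) {
    $submenu['themes.php'][10] = array( __( 'Menus' ), 'edit_theme_options', 'nav-menus.php' );
}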

        if ( ! is_customize_preview() ) {
            wp_send_json_error( 'expected_customize_preview', 403 );
        } elseif ( ! isset( $_POST['partials'] ) ) {
            wp_send_json_error( 'missing_partials', 400 );
        }

        // Ensure that doing selective refresh on 404 template doesn't result in fallback rendering behavior (full refreshes).         status_header( 200 );

        $partials = json_decode( wp_unslash( $_POST['partials'] ), true );

        if ( ! is_array( $partials ) ) {
            wp_send_json_error( 'malformed_partials' );
        }

        $this->add_dynamic_partials( array_keys( $partials ) );

        /** * Fires immediately before partials are rendered. * * Plugins may do things like call wp_enqueue_scripts() and gather a list of the scripts * and styles which may get enqueued in the response. * * @since 4.5.0 * * @param WP_Customize_Selective_Refresh $refresh Selective refresh component. * @param array $partials Placements' context data for the partials rendered in the request. * The array is keyed by partial ID, with each item being an array of * the placements' context data. */
$wp_last_modified = gmdate( $date_format );
            }

            $wp_last_modified .= ' GMT';

            $wp_etag                  = '"' . md5( $wp_last_modified ) . '"';
            $headers['Last-Modified'] = $wp_last_modified;
            $headers['ETag']          = $wp_etag;

            // Support for conditional GET.             if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ) {
                $client_etag = wp_unslash( $_SERVER['HTTP_IF_NONE_MATCH'] );
            } else {
                $client_etag = false;
            }

            $client_last_modified = empty( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ? '' : trim( $_SERVER['HTTP_IF_MODIFIED_SINCE'] );
            // If string is empty, return 0. If not, attempt to parse into a timestamp.             $client_modified_timestamp = $client_last_modified ? strtotime( $client_last_modified ) : 0;

            // Make a timestamp for our most recent modification..             $wp_modified_timestamp = strtotime( $wp_last_modified );

            


    update_option( 'siteurl', $siteurl );
    update_option( 'home', $home );

    if ( get_site_option( 'ms_files_rewriting' ) ) {
        update_option( 'upload_path', UPLOADBLOGSDIR . "/$blog_id/files" );
    } else {
        update_option( 'upload_path', get_blog_option( get_network()->site_id, 'upload_path' ) );
    }

    update_option( 'blogname', wp_unslash( $blog_title ) );
    update_option( 'admin_email', '' );

    // Remove all permissions.     $table_prefix = $wpdb->get_blog_prefix();
    delete_metadata( 'user', 0, $table_prefix . 'user_level', null, true );   // Delete all.     delete_metadata( 'user', 0, $table_prefix . 'capabilities', null, true ); // Delete all. }

/** * Set blog defaults. * * This function creates a row in the wp_blogs table. * * @since MU (3.0.0) * @deprecated MU * @deprecated Use wp_install_defaults() * * @global wpdb $wpdb WordPress database abstraction object. * * @param int $blog_id Ignored in this function. * @param int $user_id */
break;
        default:
            $screen = get_current_screen()->id;

            /** This action is documented in wp-admin/edit.php */
            $location = apply_filters( "handle_bulk_actions-{$screen}", $location$doaction$post_ids ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores     }

    wp_redirect( $location );
    exit;
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
    wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' )wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
    exit;
}

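// Populate the list table before any page output is built.
$wp_list_table->prepare_items();

// Used in the HTML title tag.
$title       = __( 'Media Library' );
$parent_file = 'upload.php';

wp_enqueue_script( 'media' );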

<input type="hidden" name="language" value="<?php echo esc_attr( $language ); ?>" /> <p class="step"><input name="submit" type="submit" value="<?php echo htmlspecialchars( __( 'Submit' ), ENT_QUOTES ); ?>" class="button button-large" /></p> </form> <?php         wp_print_scripts( 'password-toggle' );
        break;

    case 2:
        // Load translations for the chosen language and rebuild the locale object.
        load_default_textdomain( $language );
        $GLOBALS['wp_locale'] = new WP_Locale();

        // Database settings come straight from the setup form. Each value is unslashed and
        // trimmed, nothing more: wp_unslash() is not sanitization or validation.
        // NOTE(review): the fields are read without isset() checks, and trim() also strips
        // leading/trailing whitespace from the password. Confirm both are intended.
        $dbname = trim( wp_unslash( $_POST['dbname'] ) );
        $uname  = trim( wp_unslash( $_POST['uname'] ) );
        $pwd    = trim( wp_unslash( $_POST['pwd'] ) );
        $dbhost = trim( wp_unslash( $_POST['dbhost'] ) );
        $prefix = trim( wp_unslash( $_POST['prefix'] ) );

        // Targets for the links offered after this step.
        $step_1  = 'setup-config.php?step=1';
        $install = 'install.php';
        // Only the presence of "noapi" is tested; its value is never used.
        // The ampersand is already HTML-encoded, so presumably $step_1 is printed into markup - verify.
        if ( isset( $_REQUEST['noapi'] ) ) {
            $step_1 .= '&amp;noapi';
        }

        
header( 'Allow: POST' );
    header( "$protocol 405 Method Not Allowed" );
    header( 'Content-Type: text/plain' );
    exit;
}

/** Sets up the WordPress Environment. */
require __DIR__ . '/wp-load.php';

// Comment submissions must not be cached.
nocache_headers();

// The whole $_POST array is unslashed and handed to the comment handler.
// wp_unslash() is not sanitization: validation of the fields is left to wp_handle_comment_submission().
$comment = wp_handle_comment_submission( wp_unslash( $_POST ) );
if ( is_wp_error( $comment ) ) {
    // The error data is cast to int and used below as the HTTP response code.
    $data = (int) $comment->get_error_data();
    if ( ! empty( $data ) ) {
        // NOTE(review): the error message is placed inside <p> without escaping here. This
        // assumes every message the comment handler can return is already safe HTML - confirm.
        wp_die(
            '<p>' . $comment->get_error_message() . '</p>',
            __( 'Comment Submission Failure' ),
            array(
                'response'  => $data,
                'back_link' => true,
            )
        );
    }
$redirect_to = add_query_arg( 'deleted', count( $bulklinks )$redirect_to );
    } else {
        $screen = get_current_screen()->id;

        /** This action is documented in wp-admin/edit.php */
        $redirect_to = apply_filters( "handle_bulk_actions-{$screen}", $redirect_to$doaction$bulklinks ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores     }
    wp_redirect( $redirect_to );
    exit;
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
    wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' )wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
    exit;
}

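// Populate the list table before any page output is built.
$wp_list_table->prepare_items();

// Used in the HTML title tag.
$title       = __( 'Links' );
$this_file   = 'link-manager.php';
$parent_file = $this_file;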

get_current_screen()->add_help_tab(
    
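<?php
if ( $_POST ) {

    // Nonce/referer check comes first: nothing below runs for a forged or stale form post.
    check_admin_referer( 'install-network-1' );

    require_once ABSPATH . 'wp-admin/includes/upgrade.php';
    // Create network tables.
    install_network();
    $base              = parse_url( trailingslashit( get_option( 'home' ) ), PHP_URL_PATH );
    // The posted flag is honoured only when subdomain installs are allowed at all.
    $subdomain_install = allow_subdomain_install() ? ! empty( $_POST['subdomain_install'] ) : false;
    if ( ! network_domain_check() ) {
        // The e-mail goes through sanitize_email(); the site name is only unslashed, which is
        // not sanitization.
        // NOTE(review): both fields are read without isset() checks - confirm the form always sends them.
        $result = populate_network( 1, get_clean_basedomain(), sanitize_email( $_POST['email'] ), wp_unslash( $_POST['sitename'] ), $base, $subdomain_install );
        if ( is_wp_error( $result ) ) {
            // A lone 'no_wildcard_dns' error still proceeds to step 2 (with the error passed along);
            // any other failure returns to step 1.
            if ( 1 === count( $result->get_error_codes() ) && 'no_wildcard_dns' === $result->get_error_code() ) {
                network_step2( $result );
            } else {
                network_step1( $result );
            }
        } else {
            network_step2();
        }
    } else {
        network_step2();
    }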

/**
 * Builds the hidden `_wp_original_http_referer` form field.
 *
 * The field value is the original referer when one is available. Otherwise it
 * falls back to the previous referer (when `$jump_back_to` is 'previous') or to
 * the current request URI. The value is escaped with esc_attr() before it is
 * placed in the attribute.
 *
 * @param bool   $display      Whether to echo the field as well as return it.
 * @param string $jump_back_to Fallback source: 'previous' or 'current'.
 * @return string The hidden input markup.
 */
function wp_original_referer_field( $display = true, $jump_back_to = 'current' ) {
    $referer = wp_get_original_referer();

    if ( ! $referer ) {
        if ( 'previous' === $jump_back_to ) {
            $referer = wp_get_referer();
        } else {
            // REQUEST_URI is request-controlled; wp_unslash() is not sanitization,
            // the esc_attr() call below is what makes it safe for the attribute.
            $referer = wp_unslash( $_SERVER['REQUEST_URI'] );
        }
    }

    $escaped_referer = esc_attr( $referer );
    $field_markup    = '<input type="hidden" name="_wp_original_http_referer" value="' . $escaped_referer . '" />';

    if ( $display ) {
        echo $field_markup;
    }

    return $field_markup;
}
