wp_validate_redirect example

/** * Filters the redirect fallback URL for when the provided redirect is not safe (local). * * @since 4.3.0 * * @param string $fallback_url The fallback URL to use by default. * @param int $status The HTTP response status code to use. */
        $fallback_url = apply_filters( 'wp_safe_redirect_fallback', admin_url()$status );

        $location = wp_validate_redirect( $location$fallback_url );

        return wp_redirect( $location$status$x_redirect_by );
    }
endif;

if ( ! function_exists( 'wp_validate_redirect' ) ) :
    /** * Validates a URL for use in a redirect. * * Checks whether the $location is using an allowed host, if it has an absolute * path. A plugin can therefore set or remove allowed host(s) to or from the * list. * * If the host is not allowed, then the redirect is to $fallback_url supplied. * * @since 2.8.1 * * @param string $location The redirect to validate. * @param string $fallback_url The value to return if $location is not allowed. * @return string Redirect-sanitized URL. */
<div class="notice notice-info"><p><strong><?php _e( 'Important:' ); ?></strong> <?php _e( 'This user has super admin privileges.' ); ?></p></div> <?php endif; ?> <?php if ( isset( $_GET['updated'] ) ) : ?> <div id="message" class="updated notice is-dismissible"> <?php if ( IS_PROFILE_PAGE ) : ?> <p><strong><?php _e( 'Profile updated.' ); ?></strong></p> <?php else : ?> <p><strong><?php _e( 'User updated.' ); ?></strong></p> <?php endif; ?> <?php if ( $wp_http_referer && ! str_contains( $wp_http_referer, 'user-new.php' ) && ! IS_PROFILE_PAGE ) : ?> <p><a href="<?php echo esc_url( wp_validate_redirect( sanitize_url( $wp_http_referer )self_admin_url( 'users.php' ) ) ); ?>"><?php _e( '&larr; Go to Users' ); ?></a></p> <?php endif; ?> </div> <?php endif; ?> <?php if ( isset( $_GET['error'] ) ) : ?> <div class="notice notice-error"> <?php if ( 'new-email' === $_GET['error'] ) : ?> <p><?php _e( 'Error while saving the new email address. Please try again.' ); ?></p> <?php endif; ?> </div> <?php endif; ?>
function wp_get_referer() {
    // Return early if called before wp_validate_redirect() is defined.     if ( ! function_exists( 'wp_validate_redirect' ) ) {
        return false;
    }

    $ref = wp_get_raw_referer();

    if ( $ref && wp_unslash( $_SERVER['REQUEST_URI'] ) !== $ref
        && home_url() . wp_unslash( $_SERVER['REQUEST_URI'] ) !== $ref
    ) {
        return wp_validate_redirect( $ref, false );
    }

    return false;
}

/** * Retrieves unvalidated referer from the '_wp_http_referer' URL query variable or the HTTP referer. * * If the value of the '_wp_http_referer' URL query variable is not a string then it will be ignored. * * Do not use for redirects, use wp_get_referer() instead. * * @since 4.5.0 * * @return string|false Referer URL on success, false on failure. */
<h1><?php _e( 'Database Update Required' ); ?></h1> <p><?php _e( 'WordPress has been updated! Next and final step is to update your database to the newest version.' ); ?></p> <p><?php _e( 'The database update process may take a little while, so please be patient.' ); ?></p> <p class="step"><a class="button button-large button-primary" href="upgrade.php?step=1&amp;backto=<?php echo $goback; ?>"><?php _e( 'Update WordPress Database' ); ?></a></p> <?php             break;
        case 1:
            wp_upgrade();

            $backto = ! empty( $_GET['backto'] ) ? wp_unslash( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
            $backto = esc_url( $backto );
            $backto = wp_validate_redirect( $backto__get_option( 'home' ) . '/' );
            ?> <h1><?php _e( 'Update Complete' ); ?></h1> <p><?php _e( 'Your WordPress database has been successfully updated!' ); ?></p> <p class="step"><a class="button button-large" href="<?php echo $backto; ?>"><?php _e( 'Continue' ); ?></a></p> <?php             break;
endswitch;
endif;
?> </body> </html>

function allowed_http_request_hosts( $is_external$host ) {
    if ( ! $is_external && wp_validate_redirect( 'http://' . $host ) ) {
        $is_external = true;
    }
    return $is_external;
}

/** * Adds any domain in a multisite installation for safe HTTP requests to the * allowed list. * * Attached to the {@see 'http_request_host_is_external'} filter. * * @since 3.6.0 * * @global wpdb $wpdb WordPress database abstraction object. * * @param bool $is_external * @param string $host * @return bool */
<?php echo $tax->labels->edit_item; ?></h1> <?php $class = ( isset( $msg ) && 5 === $msg ) ? 'error' : 'success';

if ( $message ) {
    ?> <div id="message" class="notice notice-<?php echo $class; ?>"> <p><strong><?php echo $message; ?></strong></p> <?php if ( $wp_http_referer ) { ?> <p><a href="<?php echo esc_url( wp_validate_redirect( sanitize_url( $wp_http_referer )admin_url( 'term.php?taxonomy=' . $taxonomy ) ) ); ?>"> <?php echo esc_html( $tax->labels->back_to_items ); ?> </a></p> <?php } ?> </div> <?php }
?> <div id="ajax-response"></div> <form name="edittag" id="edittag" method="post" action="edit-tags.php" class="validate"
/** * Sets the initial URL to be previewed. * * URL is validated. * * @since 4.4.0 * * @param string $preview_url URL to be previewed. */
    public function set_preview_url( $preview_url ) {
        $preview_url       = sanitize_url( $preview_url );
        $this->preview_url = wp_validate_redirect( $preview_urlhome_url( '/' ) );
    }

    /** * Gets the initial URL to be previewed. * * @since 4.4.0 * * @return string URL being previewed. */
    public function get_preview_url() {
        if ( empty( $this->preview_url ) ) {
            
Home | Imprint | This part of the site doesn't use cookies.