PHP sanitize_option函数代码示例

 function settings_validate($input)
 {
     $new_input = array();
     if (isset($input["cce-data_url"])) {
         if (!filter_var($input["cce-data_url"], FILTER_VALIDATE_URL)) {
             //check if valid URL
             //invalid so add settings error
             add_settings_error("cce-data_url", "cce-data_url-error", __(esc_attr("The CampusCE data URL must be a valid URL.")), "error");
         } else {
             $new_input["cce-data_url"] = sanitize_option("siteurl", $input["cce-data_url"]);
         }
     }
     if (isset($input["cce-user_key"])) {
         $new_input["cce-user_key"] = sanitize_text_field($input["cce-user_key"]);
     }
     if (isset($input["cce-post_type"])) {
         $new_input["cce-post_type"] = sanitize_text_field($input["cce-post_type"]);
     }
     if (isset($input["cce-taxonomy"])) {
         $new_input["cce-taxonomy"] = sanitize_text_field($input["cce-taxonomy"]);
     }
     if (isset($input["cce-field-id"])) {
         $new_input["cce-field-id"] = sanitize_text_field($input["cce-field-id"]);
     }
     return $new_input;
 }

 /**
  * Step init
  */
 protected function init()
 {
     $fields = [['name' => 'wpem_site_type', 'label' => __('Type', 'wp-easy-mode'), 'type' => 'radio', 'sanitizer' => 'sanitize_key', 'description' => __('What type of website would you like to create?', 'wp-easy-mode'), 'value' => wpem_get_site_type(), 'required' => true, 'choices' => ['standard' => __('Website + Blog', 'wp-easy-mode'), 'blog' => __('Blog only', 'wp-easy-mode'), 'store' => __('Online Store', 'wp-easy-mode')]], ['name' => 'wpem_site_industry', 'label' => __('Industry', 'wp-easy-mode'), 'type' => 'select', 'sanitizer' => 'sanitize_key', 'description' => __('What will your website be about?', 'wp-easy-mode'), 'value' => wpem_get_site_industry(), 'required' => true, 'choices' => wpem_get_site_industry_slugs_to('label')], ['name' => 'blogname', 'label' => __('Title', 'wp-easy-mode'), 'type' => 'text', 'sanitizer' => function ($value) {
         return stripcslashes(sanitize_option('blogname', $value));
     }, 'description' => __('The title of your website appears at the top of all pages and in search results.', 'wp-easy-mode'), 'value' => get_option('blogname'), 'required' => true, 'atts' => ['placeholder' => __('Enter your website title here', 'wp-easy-mode')]], ['name' => 'blogdescription', 'label' => __('Tagline', 'wp-easy-mode'), 'type' => 'text', 'sanitizer' => function ($value) {
         return stripcslashes(sanitize_option('blogdescription', $value));
     }, 'description' => __('Think of the tagline as a slogan that describes what makes your website special. It will also appear in search results.', 'wp-easy-mode'), 'value' => get_option('blogdescription'), 'required' => true, 'atts' => ['placeholder' => __('Enter your website tagline here', 'wp-easy-mode')]]];
     $this->fields = new Fields($fields);
     add_action('wpem_template_notices', [$this->fields, 'error_notice']);
 }

/**
* Add metabox to post types 
*/
function dkpdf_meta_box_setup()
{
    // get post types selected in settings
    $pdfbutton_post_types = sanitize_option('dkpdf_pdfbutton_post_types', get_option('dkpdf_pdfbutton_post_types'));
    if ($pdfbutton_post_types) {
        // add metabox to selected post types
        foreach ($pdfbutton_post_types as $post_type) {
            add_meta_box('post-data', __('DK PDF', 'dkpdf'), 'dkpdf_meta_box_content', $post_type, 'normal', 'high');
        }
    }
}

 /**
  * @ticket 36122
  */
 public function test_emoji_in_blogname_and_description()
 {
     global $wpdb;
     $value = "whee😈";
     if ('utf8mb4' === $wpdb->get_col_charset($wpdb->options, 'option_value')) {
         $expected = $value;
     } else {
         $expected = 'whee😈';
     }
     $this->assertSame($expected, sanitize_option('blogname', $value));
     $this->assertSame($expected, sanitize_option('blogdescription', $value));
 }

 /**
  * @dataProvider permalink_structure_provider
  */
 public function test_sanitize_permalink_structure($provided, $expected, $valid)
 {
     global $wp_settings_errors;
     $old_wp_settings_errors = (array) $wp_settings_errors;
     $actual = sanitize_option('permalink_structure', $provided);
     $errors = get_settings_errors('permalink_structure');
     // Clear errors.
     $wp_settings_errors = $old_wp_settings_errors;
     if ($valid) {
         $this->assertEmpty($errors);
     } else {
         $this->assertNotEmpty($errors);
         $this->assertEquals('invalid_permalink_structure', $errors[0]['code']);
     }
     $this->assertEquals($expected, $actual);
 }

function csg_sitemap()
{
    // Create empty string
    $sitemap = '';
    // Sanitize and escape input
    $frequency = sanitize_option('frequency', $_POST['frequency']);
    $frequency = esc_html($frequency);
    // And finally, check if its a safe value
    $check_input = $frequency;
    $safe_values = array('always', 'hourly', 'daily', 'weekly', 'monthly', 'yearly', 'never');
    if (in_array($check_input, $safe_values, true)) {
        // Add basic XML output
        $sitemap .= '<?xml version="1.0" encoding="UTF-8"?>
		<urlset xsi:schemaLocation="http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">';
        // Add homepage
        $sitemap .= '
			<url>
			<loc>' . get_site_url() . '/</loc>
			<changefreq>' . $frequency . '</changefreq>
			</url>
		';
        // Add pages
        // Arguments for selecting pages
        $args = array('post_type' => 'page', 'posts_per_page' => 9000);
        // The Query
        query_posts($args);
        // The Loop
        while (have_posts()) {
            the_post();
            $sitemap .= '
				<url>
				<loc>' . get_the_permalink() . '</loc>
				<changefreq>' . $frequency . '</changefreq>
				</url>
			';
        }
        $sitemap .= '</urlset>';
        // Reset Query
        wp_reset_query();
    } else {
        wp_die('Invalid data');
        // If the frequency is not accepted, return error
    }
    // Return sitemap-string but first filter any text containing illegal named entities
    return ent2ncr($sitemap);
}

 /**
  * Save default theme for network
  *
  * @author Julien Maury
  */
 static function network_save_theme_option()
 {
     /**
      * is there an action ?
      */
     if (!isset($_POST['default_network_theme'])) {
         return false;
     }
     /**
      * check admin referer
      */
     check_admin_referer('siteoptions');
     if ($_POST['default_network_theme']) {
         return update_site_option('default_network_theme', apply_filters('default_network_theme_pre_update_option', sanitize_option('default_network_theme', $_POST['default_network_theme'])));
     }
     return true;
 }

 /**
  * @ticket 27942
  */
 function test_bloginfo_sanitize_option()
 {
     $old_values = array('blogname' => get_option('blogname'), 'blogdescription' => get_option('blogdescription'));
     $values = array('foo' => 'foo', '<em>foo</em>' => '&lt;em&gt;foo&lt;/em&gt;', '<script>foo</script>' => '&lt;script&gt;foo&lt;/script&gt;', '&lt;foo&gt;' => '&lt;foo&gt;', '<foo' => '&lt;foo');
     foreach ($values as $value => $expected) {
         $sanitized_value = sanitize_option('blogname', $value);
         update_option('blogname', $sanitized_value);
         $this->assertEquals($expected, $sanitized_value);
         $this->assertEquals($expected, get_bloginfo('name'));
         $this->assertEquals($expected, get_bloginfo('name', 'display'));
         $sanitized_value = sanitize_option('blogdescription', $value);
         update_option('blogdescription', $sanitized_value);
         $this->assertEquals($expected, $sanitized_value);
         $this->assertEquals($expected, get_bloginfo('description'));
         $this->assertEquals($expected, get_bloginfo('description', 'display'));
     }
     // Restore old values.
     foreach ($old_values as $option_name => $value) {
         update_option($option_name, $value);
     }
 }

/**
 * Update the value of a network option that was already added.
 *
 * @since 4.4.0
 *
 * @see update_option()
 *
 * @global wpdb   $wpdb
 * @global object $current_site
 *
 * @param string   $option     Name of option. Expected to not be SQL-escaped.
 * @param mixed    $value      Option value. Expected to not be SQL-escaped.
 * @param int|bool $network_id Optional. ID of the network. Defaults to current network ID.
 * @return bool False if value was not updated and true if value was updated.
 */
function update_network_option($option, $value, $network_id = false)
{
    global $wpdb, $current_site;
    $network_id = (int) $network_id;
    // Fallback to the current network if a network ID is not specified.
    if (!$network_id && is_multisite()) {
        $network_id = $current_site->id;
    }
    wp_protect_special_option($option);
    $old_value = get_network_option($option, false, $network_id);
    /**
     * Filter a specific network option before its value is updated.
     *
     * The dynamic portion of the hook name, `$option`, refers to the option name.
     *
     * @since 2.9.0 As 'pre_update_site_option_' . $key
     * @since 3.0.0
     * @since 4.4.0 The `$option` parameter was added
     *
     * @param mixed  $value     New value of the network option.
     * @param mixed  $old_value Old value of the network option.
     * @param string $option    Option name.
     */
    $value = apply_filters('pre_update_site_option_' . $option, $value, $old_value, $option);
    if ($value === $old_value) {
        return false;
    }
    if (false === $old_value) {
        return add_network_option($option, $value, $network_id);
    }
    $notoptions_key = "{$network_id}:notoptions";
    $notoptions = wp_cache_get($notoptions_key, 'site-options');
    if (is_array($notoptions) && isset($notoptions[$option])) {
        unset($notoptions[$option]);
        wp_cache_set($notoptions_key, $notoptions, 'site-options');
    }
    if (!is_multisite()) {
        $result = update_option($option, $value);
    } else {
        $value = sanitize_option($option, $value);
        $serialized_value = maybe_serialize($value);
        $result = $wpdb->update($wpdb->sitemeta, array('meta_value' => $serialized_value), array('site_id' => $network_id, 'meta_key' => $option));
        if ($result) {
            $cache_key = "{$network_id}:{$option}";
            wp_cache_set($cache_key, $value, 'site-options');
        }
    }
    if ($result) {
        /**
         * Fires after the value of a specific network option has been successfully updated.
         *
         * The dynamic portion of the hook name, `$option`, refers to the option name.
         *
         * @since 2.9.0 As "update_site_option_{$key}"
         * @since 3.0.0
         *
         * @param string $option    Name of the network option.
         * @param mixed  $value     Current value of the network option.
         * @param mixed  $old_value Old value of the network option.
         */
        do_action('update_site_option_' . $option, $option, $value, $old_value);
        /**
         * Fires after the value of a network option has been successfully updated.
         *
         * @since 3.0.0
         *
         * @param string $option    Name of the network option.
         * @param mixed  $value     Current value of the network option.
         * @param mixed  $old_value Old value of the network option.
         */
        do_action('update_site_option', $option, $value, $old_value);
        return true;
    }
    return false;
}

 function save_redirects($data)
 {
     // Save the redirects from the options page to the database
     // As of version 5.0.7 the redirects are saved by adding to the existing ones, not resaving all of them from form -
     // this was to prevent the max_input_vars issue when that was set low and there were a lot of redirects.
     $currRedirects = get_option('quickppr_redirects', array());
     $currMeta = get_option('quickppr_redirects_meta', array());
     //TODO: Add Back up Redirects
     //TODO: Add New Redirects to TOP not Bottom.
     $protocols = apply_filters('qppr_allowed_protocols', array('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp'));
     for ($i = 0; $i < sizeof($data['request']); ++$i) {
         $request = esc_url(str_replace(' ', '%20', trim($data['request'][$i])), null, 'appip');
         $destination = esc_url(str_replace(' ', '%20', trim($data['destination'][$i])), null, 'appip');
         $newwin = isset($data['newwindow'][$i]) && (int) trim($data['newwindow'][$i]) == 1 ? 1 : 0;
         $nofoll = isset($data['nofollow'][$i]) && (int) trim($data['nofollow'][$i]) == 1 ? 1 : 0;
         if (strpos($request, '/', 0) !== 0 && !$this->qppr_strposa($request, $protocols)) {
             $request = '/' . $request;
         }
         // adds root marker to front if not there
         if (strpos($request, '.') === false && strpos($request, '?') === false && strpos($request, '/', strlen($request) - 1) === false) {
             $request = $request . '/';
         }
         // adds end folder marker if not a file end
         if (($request == '' || $request == '/') && $destination == '') {
             continue;
             //if nothing there do nothing
         } elseif ($request != '' && $request != '/' && $destination == '') {
             $currRedirects[$request] = '/';
         } else {
             $currRedirects[$request] = $destination;
         }
         $currMeta[$request]['newwindow'] = $newwin;
         $currMeta[$request]['nofollow'] = $nofoll;
     }
     update_option('quickppr_redirects', sanitize_option('quickppr_redirects', $currRedirects));
     update_option('quickppr_redirects_meta', sanitize_option('quickppr_redirects_meta', $currMeta));
     $this->quickppr_redirectsmeta = get_option('quickppr_redirects_meta', array());
     $this->quickppr_redirects = get_option('quickppr_redirects', array());
     return $currRedirects;
 }

			jQuery("#fb-img").hide();
			jQuery("#fb-msg").show();
			setTimeout(function() {location.reload(true);}, 2000);
		}
	});
}
</script>
<?php 
wp_enqueue_style('op-bootstrap-css', WEBLIZAR_TWITTER_PLUGIN_URL . 'css/bootstrap.min.css');
$TwitterUserName = sanitize_text_field($_REQUEST['twitter-page-user_name']);
$Theme = sanitize_text_field($_REQUEST['show-theme-background']);
$Height = sanitize_text_field($_REQUEST['twitter-page-url-Height']);
$TwitterWidgetId = sanitize_text_field($_REQUEST['twitter-page-id-fetch']);
$LinkColor = sanitize_text_field($_REQUEST['twitter-page-lnk-Color']);
$ExcludeReplies = sanitize_option('ExcludeReplies', $_REQUEST['exclude_replies_23']);
$AutoExpandPhotos = sanitize_option('AutoExpandPhotos', $_REQUEST['photo_1234']);
if (isset($_REQUEST['twitter-page-id-fetch'])) {
    $TwitterSettingsArray = serialize(array('TwitterUserName' => $TwitterUserName, 'Theme' => $Theme, 'Height' => $Height, 'TwitterWidgetId' => $TwitterWidgetId, 'LinkColor' => $LinkColor, 'ExcludeReplies' => $ExcludeReplies, 'AutoExpandPhotos' => $AutoExpandPhotos));
    update_option("ali_twitter_shortcode", $TwitterSettingsArray);
}
?>
<div class="block ui-tabs-panel active" id="option-general">		
	<div class="row">
		<div class="col-md-6">
			<h2><?php 
_e('Twitter Shortcode Settings', WEBLIZAR_TWITTER_TEXT_DOMAIN);
?>
: [TWTR]</h2>
			<hr>
			<form name='fb-form' id='fb-form'>
				<?php 

function add_option($name, $value = '', $deprecated = '', $autoload = 'yes')
{
    global $wpdb;
    wp_protect_special_option($name);
    $safe_name = $wpdb->escape($name);
    $value = sanitize_option($name, $value);
    // Make sure the option doesn't already exist. We can check the 'notoptions' cache before we ask for a db query
    $notoptions = wp_cache_get('notoptions', 'options');
    if (!is_array($notoptions) || !isset($notoptions[$name])) {
        if (false !== get_option($safe_name)) {
            return;
        }
    }
    $value = maybe_serialize($value);
    $autoload = 'no' === $autoload ? 'no' : 'yes';
    if ('yes' == $autoload) {
        $alloptions = wp_load_alloptions();
        $alloptions[$name] = $value;
        wp_cache_set('alloptions', $alloptions, 'options');
    } else {
        wp_cache_set($name, $value, 'options');
    }
    // This option exists now
    $notoptions = wp_cache_get('notoptions', 'options');
    // yes, again... we need it to be fresh
    if (is_array($notoptions) && isset($notoptions[$name])) {
        unset($notoptions[$name]);
        wp_cache_set('notoptions', $notoptions, 'options');
    }
    $wpdb->query($wpdb->prepare("INSERT INTO {$wpdb->options} (option_name, option_value, autoload) VALUES (%s, %s, %s)", $name, $value, $autoload));
    do_action("add_option_{$name}", $name, $value);
    return;
}

/**
 * Load the template loop for the current object.
 *
 * @return string Prints template loop for the specified object
 * @since BuddyPress (1.2)
 */
function bp_legacy_theme_object_template_loader()
{
    // Bail if not a POST action
    if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
        return;
    }
    // Bail if no object passed
    if (empty($_POST['object'])) {
        return;
    }
    // Sanitize the object
    $object = sanitize_title($_POST['object']);
    // Bail if object is not an active component to prevent arbitrary file inclusion
    if (!bp_is_active($object)) {
        return;
    }
    /**
     * AJAX requests happen too early to be seen by bp_update_is_directory()
     * so we do it manually here to ensure templates load with the correct
     * context. Without this check, templates will load the 'single' version
     * of themselves rather than the directory version.
     */
    if (!bp_current_action()) {
        bp_update_is_directory(true, bp_current_component());
    }
    $template_part = $object . '/' . $object . '-loop';
    // The template part can be overridden by the calling JS function
    if (!empty($_POST['template'])) {
        $template_part = sanitize_option('upload_path', $_POST['template']);
    }
    // Locate the object template
    bp_get_template_part($template_part);
    exit;
}

 /**
  * Update an option.
  *
  * ## OPTIONS
  *
  * <key>
  * : The name of the option to add.
  *
  * [<value>]
  * : The new value. If ommited, the value is read from STDIN.
  *
  * [--autoload=<autoload>]
  * : Requires WP 4.2. Should this option be automatically loaded. Accepted values: yes, no. Default: yes
  *
  * [--format=<format>]
  * : The serialization format for the value. Default is plaintext.
  *
  * ## EXAMPLES
  *
  *     # Update an option by reading from a file
  *     wp option update my_option < value.txt
  *
  *     # Update one option on multiple sites using xargs
  *     wp site list --field=url | xargs -n1 -I {} sh -c 'wp --url={} option update <key> <value>'
  *
  * @alias set
  */
 public function update($args, $assoc_args)
 {
     $key = $args[0];
     $value = WP_CLI::get_value_from_arg_or_stdin($args, 1);
     $value = WP_CLI::read_value($value, $assoc_args);
     $autoload = \WP_CLI\Utils\get_flag_value($assoc_args, 'autoload');
     if (!in_array($autoload, array('yes', 'no'))) {
         $autoload = null;
     }
     $value = sanitize_option($key, $value);
     $old_value = sanitize_option($key, get_option($key));
     if ($value === $old_value && is_null($autoload)) {
         WP_CLI::success("Value passed for '{$key}' option is unchanged.");
     } else {
         if (update_option($key, $value, $autoload)) {
             WP_CLI::success("Updated '{$key}' option.");
         } else {
             WP_CLI::error("Could not update option '{$key}'.");
         }
     }
 }

 /**
  * Generic date_format validation
  * 
  * @param <string> $date_format 
  * 
  * @return <string>
  */
 public function date_format($date_format)
 {
     if (!empty($date_format) && is_string($date_format)) {
         $date_format = strlen($date_format) == 19 ? $date_format : '';
         $safe_date_format = sanitize_option('date_format', $date_format);
     } else {
         $safe_date_format = '';
     }
     return $safe_date_format;
 }