PHP wp_slash函数代码示例

 /**
  * Normalize Elementor post meta on import,
  * We need the `wp_slash` in order to avoid the unslashing during the `add_post_meta`
  *
  * @param array $post_meta
  *
  * @return array
  */
 public static function on_wp_import_post_meta($post_meta)
 {
     foreach ($post_meta as &$meta) {
         if ('_elementor_data' === $meta['key']) {
             $meta['value'] = wp_slash($meta['value']);
             break;
         }
     }
     return $post_meta;
 }

 /**
  * Get the source's images and save them locally, for posterity, unless we can't.
  *
  * @since 4.2.0
  * @access public
  *
  * @param int    $post_id Post ID.
  * @param string $content Optional. Current expected markup for Press This. Expects slashed. Default empty.
  * @return string New markup with old image URLs replaced with the local attachment ones if swapped.
  */
 public function side_load_images($post_id, $content = '')
 {
     $content = wp_unslash($content);
     if (preg_match_all('/<img [^>]+>/', $content, $matches) && current_user_can('upload_files')) {
         foreach ((array) $matches[0] as $image) {
             // This is inserted from our JS so HTML attributes should always be in double quotes.
             if (!preg_match('/src="([^"]+)"/', $image, $url_matches)) {
                 continue;
             }
             $image_src = $url_matches[1];
             // Don't try to sideload a file without a file extension, leads to WP upload error.
             if (!preg_match('/[^\\?]+\\.(?:jpe?g|jpe|gif|png)(?:\\?|$)/i', $image_src)) {
                 continue;
             }
             // Sideload image, which gives us a new image src.
             $new_src = media_sideload_image($image_src, $post_id, null, 'src');
             if (!is_wp_error($new_src)) {
                 // Replace the POSTED content <img> with correct uploaded ones.
                 // Need to do it in two steps so we don't replace links to the original image if any.
                 $new_image = str_replace($image_src, $new_src, $image);
                 $content = str_replace($image, $new_image, $content);
             }
         }
     }
     // Edxpected slashed
     return wp_slash($content);
 }

 /**
  * Update the client's post.
  *
  * @param array $params Parameters to update.
  * @return bool|WP_Error True on success, error object otherwise.
  */
 public function update($params)
 {
     $data = array();
     if (isset($params['name'])) {
         $data['post_title'] = $params['name'];
     }
     if (isset($params['description'])) {
         $data['post_content'] = $params['description'];
     }
     // Are we updating the post itself?
     if (!empty($data)) {
         $data['ID'] = $this->post->ID;
         $result = wp_update_post(wp_slash($data), true);
         if (is_wp_error($result)) {
             return $result;
         }
         // Reload the post property
         $this->post = get_post($this->post->ID);
     }
     // Are we updating any meta?
     if (!empty($params['meta'])) {
         $meta = $params['meta'];
         foreach ($meta as $key => $value) {
             $existing = get_post_meta($this->post->ID, $key, true);
             if ($existing === $value) {
                 continue;
             }
             $did_update = update_post_meta($this->post->ID, $key, wp_slash($value));
             if (!$did_update) {
                 return new WP_Error('rest_client_update_meta_failed', __('Could not update client metadata.', 'rest_oauth'));
             }
         }
     }
     return true;
 }

 /**
  * Save builder method.
  *
  * @since 1.0.0
  * @param int    $post_id
  * @param array  $posted
  * @param string $revision
  *
  * @return void
  */
 public function save_editor($post_id, $posted, $revision = self::REVISION_PUBLISH)
 {
     // Change the global post to current library post, so widgets can use `get_the_ID` and other post data
     if (isset($GLOBALS['post'])) {
         $global_post = $GLOBALS['post'];
     }
     $GLOBALS['post'] = get_post($post_id);
     $editor_data = $this->_get_editor_data($posted);
     // We need the `wp_slash` in order to avoid the unslashing during the `update_post_meta`
     $json_value = wp_slash(wp_json_encode($editor_data));
     if (self::REVISION_PUBLISH === $revision) {
         $this->remove_draft($post_id);
         update_post_meta($post_id, '_elementor_data', $json_value);
         $this->_save_plain_text($post_id);
     } else {
         update_post_meta($post_id, '_elementor_draft_data', $json_value);
     }
     update_post_meta($post_id, '_elementor_version', self::DB_VERSION);
     // Restore global post
     if (isset($global_post)) {
         $GLOBALS['post'] = $global_post;
     } else {
         unset($GLOBALS['post']);
     }
 }

 /**
  * Encodes Page Builder Meta Data to json format to handle PHP `serialize` issues with UTF8 characters
  * WordPress `update_post_meta` serializes the data and in some cases (probably depends on hostng env.)
  * the serialized data is not being unserialized
  * Uses `json_encode`
  *
  * @since  1.2.5
  *
  * @return string
  */
 public static function encode_pb_section_metadata($meta)
 {
     if (!is_array($meta)) {
         return wp_slash($meta);
     }
     return wp_slash(json_encode(self::sanitize_meta_data($meta)));
 }

 /**
  * When we save the post we don't want the extra embeds to be lingering outside
  * of the [simple-links] shortcode.
  * We strip them out here as the post saves so anywhere else is none the wiser
  * that the embeds ever existed
  *
  * @param array $post_data - wp_slashed array of post data
  *
  * @return array
  */
 public function strip_embed_wraps_upon_save($post_data)
 {
     $content = wp_unslash($post_data['post_content']);
     $content = preg_replace("/\\[embed\\](\\[simple-links([^\\]]*)\\])\\[\\/embed\\]/", "\$1", $content);
     $post_data['post_content'] = wp_slash($content);
     return $post_data;
 }

/**
 * If a JSON blob of navigation menu data is in POST data, expand it and inject
 * it into `$_POST` to avoid PHP `max_input_vars` limitations. See #14134.
 *
 * @ignore
 * @since 4.5.3
 * @access private
 */
function _wp_expand_nav_menu_post_data()
{
    if (!isset($_POST['nav-menu-data'])) {
        return;
    }
    $data = json_decode(stripslashes($_POST['nav-menu-data']));
    if (!is_null($data) && $data) {
        foreach ($data as $post_input_data) {
            // For input names that are arrays (e.g. `menu-item-db-id[3][4][5]`),
            // derive the array path keys via regex and set the value in $_POST.
            preg_match('#([^\\[]*)(\\[(.+)\\])?#', $post_input_data->name, $matches);
            $array_bits = array($matches[1]);
            if (isset($matches[3])) {
                $array_bits = array_merge($array_bits, explode('][', $matches[3]));
            }
            $new_post_data = array();
            // Build the new array value from leaf to trunk.
            for ($i = count($array_bits) - 1; $i >= 0; $i--) {
                if ($i == count($array_bits) - 1) {
                    $new_post_data[$array_bits[$i]] = wp_slash($post_input_data->value);
                } else {
                    $new_post_data = array($array_bits[$i] => $new_post_data);
                }
            }
            $_POST = array_replace_recursive($_POST, $new_post_data);
        }
    }
}

/**
 * Save keychain details
 */
function orbis_save_keychain_details($post_id, $post)
{
    // Doing autosave
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }
    // Verify nonce
    $nonce = filter_input(INPUT_POST, 'orbis_keychain_details_meta_box_nonce', FILTER_SANITIZE_STRING);
    if (!wp_verify_nonce($nonce, 'orbis_save_keychain_details')) {
        return;
    }
    // Check permissions
    if (!($post->post_type == 'orbis_keychain' && current_user_can('edit_post', $post_id))) {
        return;
    }
    // OK
    $definition = array('_orbis_keychain_url' => FILTER_VALIDATE_URL, '_orbis_keychain_email' => FILTER_VALIDATE_EMAIL, '_orbis_keychain_username' => FILTER_SANITIZE_STRING, '_orbis_keychain_password' => FILTER_UNSAFE_RAW);
    $data = wp_slash(filter_input_array(INPUT_POST, $definition));
    // Pasword
    $password_old = get_post_meta($post_id, '_orbis_keychain_password', true);
    $password_new = $data['_orbis_keychain_password'];
    foreach ($data as $key => $value) {
        if (empty($value)) {
            delete_post_meta($post_id, $key);
        } else {
            update_post_meta($post_id, $key, $value);
        }
    }
    // Action
    if ($post->post_status == 'publish' && !empty($password_old) && $password_old != $password_new) {
        // @see https://github.com/woothemes/woocommerce/blob/v2.1.4/includes/class-wc-order.php#L1274
        do_action('orbis_keychain_password_update', $post_id, $password_old, $password_new);
    }
}

 /**
  * Records a new history entry for the current post.
  *
  * @param string $message
  * @param array $data
  */
 public function add_entry($message, array $data = array())
 {
     $datetime = current_time('mysql');
     $checksum = uniqid(substr(hash('md5', $datetime . $message . serialize($data)), 0, 8) . '_');
     $log_entry = wp_slash(json_encode(array('datetime' => $datetime, 'message' => $message, 'data' => $data, 'checksum' => $checksum)));
     add_post_meta($this->post_id, self::HISTORY_KEY, $log_entry);
 }

 /**
  * @ticket 35795
  */
 public function test_slashed_key_for_existing_metadata()
 {
     global $wpdb;
     add_metadata('post', 123, wp_slash('foo\\foo'), 'bar');
     update_metadata('post', 123, wp_slash('foo\\foo'), 'baz');
     $found = get_metadata('post', 123, 'foo\\foo', true);
     $this->assertSame('baz', $found);
 }

 public function setAttribute($key, $value)
 {
     // fix double quote slash
     if (is_string($value)) {
         $value = wp_slash($value);
     }
     update_post_meta($this->getId(), $key, $value);
     return $this;
 }

 /**
  * fix importing Builder contents using WP_Import
  */
 function import_post_meta($post_id, $key, $value)
 {
     if ($key == $this->meta_key) {
         /* slashes are removed by update_post_meta, add it to protect the data */
         $builder_data = wp_slash($value);
         /* save the data in json format */
         update_post_meta($post_id, $this->meta_key, $builder_data);
     }
 }

 /**
  * Update the value of a WP User Option with the WP User Options API.
  *
  * @since 1.0.0
  *
  * @param string $option_name Name of the WP User Option.
  * @param string $new_value   New value of the WP User Option (not slashed).
  * @return bool True on success, false on failure.
  */
 protected function _update_option($option_name, $new_value)
 {
     // Non-logged-in user can never have a saved option value to be updated.
     if (!is_user_logged_in()) {
         return false;
     }
     // WP expects a slashed value.
     $new_value = wp_slash($new_value);
     return update_user_option(get_current_user_id(), $option_name, $new_value, false);
 }

 function column_action($item)
 {
     $paged = $this->get_pagenum();
     $paged_arg = (int) $paged > 1 ? '&paged=' . $paged : '';
     $buttons = '';
     if (current_user_can('duplicate_masterslider') || apply_filters('masterslider_admin_display_duplicate_btn', 0)) {
         $buttons .= sprintf('<a class="action-duplicate msp-ac-btn msp-btn-gray msp-iconic" href="?page=%s&action=%s&slider_id=%s%s"><span></span>%s</a>', $_REQUEST['page'], 'duplicate', $item['ID'], $paged_arg, __('duplicate'));
     }
     if (current_user_can('delete_masterslider') || apply_filters('masterslider_admin_display_delete_btn', 0)) {
         $buttons .= sprintf('<a class="action-delete msp-ac-btn msp-btn-red msp-iconic" href="?page=%s&action=%s&slider_id=%s%s" onClick="return confirm(\'%s\');" ><span></span>%s</a>', $_REQUEST['page'], 'delete', $item['ID'], $paged_arg, wp_slash(apply_filters('masterslider_admin_delete_btn_alert_message', __('Are you sure you want to delete this slider?', 'master-slider'))), __('delete'));
     }
     $buttons .= sprintf('<a class="action-preview msp-ac-btn msp-btn-blue msp-iconic" href="?page=%s&action=%s&slider_id=%s" onClick="lunchMastersliderPreviewBySliderID(%s);return false;" ><span></span>%s</a>', $_REQUEST['page'], 'preview', $item['ID'], $item['ID'], __('preview'));
     return $buttons;
 }

 function column_action($item)
 {
     $paged = $this->get_pagenum();
     $paged_arg = (int) $paged > 1 ? '&paged=' . $paged : '';
     $buttons = '';
     if (current_user_can('duplicate_masterslider') || apply_filters('masterslider_admin_display_duplicate_btn', 0)) {
         $buttons .= sprintf('<a class="action-duplicate msp-ac-btn msp-btn-gray msp-iconic" href="%s"><span></span>%s</a>', esc_url(add_query_arg(array('page' => $_GET['page'], 'action' => 'duplicate', 'slider_id' => $item['ID'], 'paged' => $paged))), __('duplicate', MSWP_TEXT_DOMAIN));
     }
     if (current_user_can('delete_masterslider') || apply_filters('masterslider_admin_display_delete_btn', 0)) {
         $buttons .= sprintf('<a class="action-delete msp-ac-btn msp-btn-red msp-iconic" href="%s" onClick="return confirm(\'%s\');" ><span></span>%s</a>', esc_url(add_query_arg(array('page' => $_GET['page'], 'action' => 'delete', 'slider_id' => $item['ID'], 'paged' => $paged))), wp_slash(apply_filters('masterslider_admin_delete_btn_alert_message', __('Are you sure you want to delete this slider?', MSWP_TEXT_DOMAIN))), __('delete', MSWP_TEXT_DOMAIN));
     }
     $buttons .= sprintf('<a class="action-preview msp-ac-btn msp-btn-blue msp-iconic" href="%s" onClick="lunchMastersliderPreviewBySliderID(%s);return false;" ><span></span>%s</a>', esc_url(add_query_arg(array('page' => $_GET['page'], 'action' => 'preview', 'slider_id' => $item['ID']))), $item['ID'], __('preview', MSWP_TEXT_DOMAIN));
     return $buttons;
 }