PHP wp_unslash函数代码示例

 /**
  * Add or Edit Operation.
  */
 function save()
 {
     if (isset($_REQUEST['_wpnonce'])) {
         $nonce = sanitize_text_field(wp_unslash($_REQUEST['_wpnonce']));
     }
     if (isset($nonce) and !wp_verify_nonce($nonce, 'wpgmp-nonce')) {
         die('Cheating...');
     }
     $this->verify($_POST);
     if (is_array($this->errors) and !empty($this->errors)) {
         $this->throw_errors();
     }
     $extra_fields = array();
     if (isset($_POST['location_extrafields'])) {
         foreach ($_POST['location_extrafields'] as $index => $label) {
             if ($label != '') {
                 $extra_fields[$index] = sanitize_text_field(wp_unslash($label));
             }
         }
     }
     update_option('wpgmp_api_key', sanitize_text_field(wp_unslash($_POST['wpgmp_api_key'])));
     update_option('wpgmp_scripts_place', sanitize_text_field(wp_unslash($_POST['wpgmp_scripts_place'])));
     update_option('wpgmp_location_extrafields', serialize($extra_fields));
     $response['success'] = __('Setting(s) saved successfully.', WPGMP_TEXT_DOMAIN);
     return $response;
 }

/**
 * Performs json_decode and unslash.
 *
 * @since 1.0.0
 * @param string $data
 * @return array
 */
function wpforms_decode($data)
{
    if (!$data || empty($data)) {
        return false;
    }
    return wp_unslash(json_decode($data, true));
}

function wppb_description_handler($output, $form_location, $field, $user_id, $field_check_errors, $request_data)
{
    $item_title = apply_filters('wppb_' . $form_location . '_description_item_title', wppb_icl_t('plugin profile-builder-pro', 'default_field_' . $field['id'] . '_title_translation', $field['field-title']));
    $item_description = wppb_icl_t('plugin profile-builder-pro', 'default_field_' . $field['id'] . '_description_translation', $field['description']);
    $input_value = '';
    if ($form_location == 'edit_profile') {
        $input_value = get_the_author_meta('description', $user_id);
    }
    if (trim($input_value) == '') {
        $input_value = $field['default-value'];
    }
    $input_value = isset($request_data['description']) ? trim($request_data['description']) : $input_value;
    $extra_attr = apply_filters('wppb_extra_attribute', '', $field);
    if ($form_location != 'back_end') {
        $error_mark = $field['required'] == 'Yes' ? '<span class="wppb-required" title="' . wppb_required_field_error($field["field-title"]) . '">*</span>' : '';
        if (array_key_exists($field['id'], $field_check_errors)) {
            $error_mark = '<img src="' . WPPB_PLUGIN_URL . 'assets/images/pencil_delete.png" title="' . wppb_required_field_error($field["field-title"]) . '"/>';
        }
        $output = '
			<label for="description">' . $item_title . $error_mark . '</label>
			<textarea rows="' . $field['row-count'] . '" name="description" maxlength="' . apply_filters('wppb_maximum_character_length', '', $field) . '" class="default_field_description" id="description" wrap="virtual" ' . $extra_attr . '>' . esc_textarea(wp_unslash($input_value)) . '</textarea>';
        if (!empty($item_description)) {
            $output .= '<span class="wppb-description-delimiter">' . $item_description . '</span>';
        }
    }
    return apply_filters('wppb_' . $form_location . '_description', $output, $form_location, $field, $user_id, $field_check_errors, $request_data);
}

/**
 * Adding the HTML to the existing registration form
 */
function tutsplus_register_form_edit()
{
    $twitter_name = !empty($_POST['twitter_name']) ? trim($_POST['twitter_name']) : '';
    ?>
	<p>
	<label for="twitter_name">
		<?php 
    _e('Twitter name', 'sage');
    ?>
<br />
		<input type="text" name="twitter_name" id="twitter_name" class="input" value="<?php 
    echo esc_attr(wp_unslash($twitter_name));
    ?>
" size="25" />
	</label>
	</p>

	<?php 
    $terms = !empty($_POST['terms']) ? $_POST['terms'] : '';
    ?>
	<p>
	<label for="terms">
		<input type="checkbox" name="terms" id="terms" class="input" value="agreed" <?php 
    checked($_POST['terms'], 'agreed', true);
    ?>
 />
		<?php 
    _e('I have read the terms and conditions', 'sage');
    ?>
	</label>
	</p>
	<?php 
}

/**
 * Redirect to the custom login page
 */
function cubiq_login_init()
{
    $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'login';
    if (isset($_POST['wp-submit'])) {
        $action = 'post-data';
    } else {
        if (isset($_GET['reauth'])) {
            $action = 'reauth';
        }
    }
    // redirect to change password form
    if ($action == 'rp' || $action == 'resetpass') {
        if (isset($_GET['key']) && isset($_GET['login'])) {
            $rp_path = wp_unslash('/login/');
            $rp_cookie = 'wp-resetpass-' . COOKIEHASH;
            $value = sprintf('%s:%s', wp_unslash($_GET['login']), wp_unslash($_GET['key']));
            setcookie($rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true);
        }
        wp_redirect(home_url('/login/?action=resetpass'));
        exit;
    }
    // redirect from wrong key when resetting password
    if ($action == 'lostpassword' && isset($_GET['error']) && ($_GET['error'] == 'expiredkey' || $_GET['error'] == 'invalidkey')) {
        wp_redirect(home_url('/login/?action=forgot&failed=wrongkey'));
        exit;
    }
    if ($action == 'post-data' || $action == 'reauth' || $action == 'logout') {
        return;
    }
    wp_redirect(home_url('/login/'));
    exit;
}

    /**
     * Displays the setup form
     *
     * @access public
     * @since 3.9
     * @uses WPSC_Checkout_Form::get()
     * @uses WPSC_Checkout_Form::field_drop_down_options()
     * @uses WPSC_Checkout_Form::get_field_id_by_unique_name()
     * @uses WPSC_Payment_Gateway_Setting::get()
     *
     * @return void
     */
    public function setup_form()
    {
        ?>
		<tr>
			<td colspan="2">
				<p>
					<label for="wpsc-manual-gateway-setup"><?php 
        _e('Instructions', 'wpsc');
        ?>
</label><br />
					<textarea id="wpsc-manual-gateway-setup" cols='' rows='10' name='<?php 
        echo esc_attr($this->setting->get_field_name('payment_instructions'));
        ?>
'><?php 
        echo esc_textarea(wp_unslash($this->setting->get('payment_instructions')));
        ?>
</textarea><br />
					<small><?php 
        _e('Enter the payment instructions that you wish to display to your customers when they make a purchase.', 'wpsc');
        ?>
</small><br />
					<small><?php 
        _e('For example, this is where you the Shop Owner might enter your bank account details or address so that your customer can make their manual payment.', 'wpsc');
        ?>
</small>
				</p>
			</td>
		</tr>
		<?php 
    }

 /**
  * sanitize content field on save
  *
  * @param str $content ad content
  * @return str $content sanitized ad content
  * @since 1.0.0
  */
 public function sanitize_content($content = '')
 {
     // remove slashes from content
     $content = wp_unslash($content);
     // use WordPress core content filter
     return $content = apply_filters('content_save_pre', $content);
 }

 /**
  * Get bank details and place into a list format.
  *
  * Note: Since this is declared as a private function in WC_Gateway_BACS, it needs
  * to be copied here 1:1
  *
  * @param int $order_id
  */
 private function bank_details($order_id = '')
 {
     if (empty($this->account_details)) {
         return;
     }
     // Get order and store in $order
     $order = wc_get_order($order_id);
     // Get the order country and country $locale
     $country = $order->billing_country;
     $locale = $this->get_country_locale();
     // Get sortcode label in the $locale array and use appropriate one
     $sortcode = isset($locale[$country]['sortcode']['label']) ? $locale[$country]['sortcode']['label'] : __('Sort Code', 'woocommerce');
     $bacs_accounts = apply_filters('woocommerce_bacs_accounts', $this->account_details);
     if (!empty($bacs_accounts)) {
         echo '<h2>' . __('Our Bank Details', 'woocommerce') . '</h2>' . PHP_EOL;
         foreach ($bacs_accounts as $bacs_account) {
             $bacs_account = (object) $bacs_account;
             if ($bacs_account->account_name || $bacs_account->bank_name) {
                 echo '<h3>' . wp_unslash(implode(' - ', array_filter(array($bacs_account->account_name, $bacs_account->bank_name)))) . '</h3>' . PHP_EOL;
             }
             echo '<ul class="order_details bacs_details">' . PHP_EOL;
             // BACS account fields shown on the thanks page and in emails
             $account_fields = apply_filters('woocommerce_bacs_account_fields', array('account_number' => array('label' => __('Account Number', 'woocommerce'), 'value' => $bacs_account->account_number), 'sort_code' => array('label' => $sortcode, 'value' => $bacs_account->sort_code), 'iban' => array('label' => __('IBAN', 'woocommerce'), 'value' => $bacs_account->iban), 'bic' => array('label' => __('BIC', 'woocommerce'), 'value' => $bacs_account->bic)), $order_id);
             foreach ($account_fields as $field_key => $field) {
                 if (!empty($field['value'])) {
                     echo '<li class="' . esc_attr($field_key) . '">' . esc_attr($field['label']) . ': <strong>' . wptexturize($field['value']) . '</strong></li>' . PHP_EOL;
                 }
             }
             echo '</ul>';
         }
     }
 }

 /**
  * Output for End Location column.
  * @param array $item Route Row.
  */
 public function column_route_end_location($item)
 {
     $modelFactory = new FactoryModelWPGMP();
     $location_obj = $modelFactory->create_object('location');
     $location = $location_obj->fetch(array(array('location_id', '=', intval(wp_unslash($item->route_end_location)))));
     echo $location[0]->location_title;
 }

 public function update($data)
 {
     // TODO: Implement update() method.
     global $wpdb;
     $tableName = $wpdb->prefix . self::$tableName;
     $code_form = wp_unslash($_POST["search_shortcode_code_form"]);
     if (!empty($_POST["search_shortcode_from"])) {
         preg_match('/\\[(.+)\\]/', $_POST["search_shortcode_from"], $from_iata);
         if (!empty($from_iata[1])) {
             $from_city = explode(',', $_POST["search_shortcode_from"]);
             $origin = '"origin": {
                                         "name": "' . $from_city[0] . '",
                                         "iata": "' . $from_iata[1] . '"
                                     }';
             $code_form = preg_replace('/"origin": \\{.*?\\}/s', $origin, $code_form);
         }
     }
     if (!empty($_POST["search_shortcode_to"])) {
         preg_match('/\\[(.+)\\]/', $_POST["search_shortcode_to"], $to_iata);
         if (!empty($to_iata[1])) {
             $to_city = explode(',', $_POST["search_shortcode_to"]);
             $destination = '"destination": {
                                         "name": "' . $to_city[0] . '",
                                         "iata": "' . $to_iata[1] . '"
                                     }';
             $code_form = preg_replace('/"destination": \\{.*?\\}/s', $destination, $code_form);
         }
     }
     $inputData = array('title' => $_POST["search_shortcode_title"], 'date_add' => time(), 'type_shortcode' => $_POST["search_shortcode_type"], 'code_form' => $code_form, 'from_city' => $_POST["search_shortcode_from"], 'to_city' => $_POST["search_shortcode_to"]);
     $wpdb->update($tableName, $inputData, array('id' => $_POST['search_shortcodes_id']));
 }

 /**
  * sanitize useragent list
  *
  * @since 1.1
  *
  */
 public function useragent($array)
 {
     global $wp_filter;
     $localhost = false;
     $array = wp_unslash($array);
     if (!is_array($array)) {
         $array = array($array);
     }
     if (isset($array['localhost']) && 's' == sanitize_html_class($array['localhost']) && isset($wp_filter['stt2extat_allow_localhost'])) {
         $localhost = true;
     }
     $array_unique = array_unique(array_map('trim', array_keys($array)));
     $new_array = array();
     foreach ($array_unique as $k) {
         $v = $array[$k];
         if (isset($array[$k]) && '' != $v) {
             $k = stt2extat_parse_url(sanitize_text_field($k));
             $v = sanitize_html_class($v);
             if ('' != $k && '' != $v) {
                 $new_array[$k['host']] = $v;
             }
         }
     }
     if ($localhost) {
         $new_array = wp_parse_args(array('localhost' => 's'), $new_array);
     }
     $new_array = array_filter(array_map('trim', $new_array));
     uksort($new_array, 'strcasecmp');
     return $new_array;
 }

 function after()
 {
     $plugin_file = $this->upgrader->plugin_info();
     $install_actions = array();
     $from = isset($_GET['from']) ? wp_unslash($_GET['from']) : 'plugins';
     if ('import' == $from) {
         $install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;from=import&amp;plugin=' . urlencode($plugin_file), 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin &amp; Run Importer') . '</a>';
     } else {
         $install_actions['activate_plugin'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;plugin=' . urlencode($plugin_file), 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin') . '" target="_parent">' . __('Activate Plugin') . '</a>';
     }
     if (is_multisite() && current_user_can('manage_network_plugins')) {
         $install_actions['network_activate'] = '<a href="' . wp_nonce_url('plugins.php?action=activate&amp;networkwide=1&amp;plugin=' . urlencode($plugin_file), 'activate-plugin_' . $plugin_file) . '" title="' . esc_attr__('Activate this plugin for all sites in this network') . '" target="_parent">' . __('Network Activate') . '</a>';
         unset($install_actions['activate_plugin']);
     }
     if (!$this->result || is_wp_error($this->result) || $this->multi) {
         unset($install_actions['activate_plugin'], $install_actions['network_activate']);
     } elseif (!current_user_can('activate_plugins')) {
         unset($install_actions['activate_plugin']);
     }
     /**
      * Filter the list of action links available following a single plugin installation.
      *
      * @since 2.7.0
      *
      * @param array  $install_actions Array of plugin action links.
      * @param object $api             Object containing WordPress.org API plugin data. Empty
      *                                for non-API installs, such as when a plugin is installed
      *                                via upload.
      * @param string $plugin_file     Path to the plugin file.
      */
     $install_actions = apply_filters('install_plugin_complete_actions', $install_actions, $this->api, $plugin_file);
     if (!empty($install_actions)) {
         $this->feedback(implode(' | ', (array) $install_actions));
     }
 }

 public static function save_fields($options)
 {
     if (empty($_POST)) {
         return;
     }
     $update_options = array();
     foreach ($options as $value) {
         $option_value = isset($_POST[$value['id']]) ? wp_unslash($_POST[$value['id']]) : null;
         switch (sanitize_title($value['type'])) {
             case 'text':
             case 'password':
             case 'number':
                 $option_value = $option_value;
                 break;
             case 'checkbox':
                 $option_value = is_null($option_value) ? 'no' : 'yes';
                 break;
             case 'checkbox2':
                 $option_value = is_null($option_value) ? 0 : 1;
                 break;
         }
         if (!is_null($option_value)) {
             $update_options[$value['id']] = $option_value;
         }
     }
     foreach ($update_options as $name => $val) {
         update_option($name, $val);
     }
     return true;
 }

 /**
  * When we save the post we don't want the extra embeds to be lingering outside
  * of the [simple-links] shortcode.
  * We strip them out here as the post saves so anywhere else is none the wiser
  * that the embeds ever existed
  *
  * @param array $post_data - wp_slashed array of post data
  *
  * @return array
  */
 public function strip_embed_wraps_upon_save($post_data)
 {
     $content = wp_unslash($post_data['post_content']);
     $content = preg_replace("/\\[embed\\](\\[simple-links([^\\]]*)\\])\\[\\/embed\\]/", "\$1", $content);
     $post_data['post_content'] = wp_slash($content);
     return $post_data;
 }

 public function incoming_trackback($commentdata)
 {
     if ('trackback' != $commentdata['comment_type']) {
         return $commentdata;
     }
     if (false === $this->conf['patch_incoming_trackback']) {
         return $commentdata;
     }
     $title = isset($_POST['title']) ? wp_unslash($_POST['title']) : '';
     $excerpt = isset($_POST['excerpt']) ? wp_unslash($_POST['excerpt']) : '';
     $blog_name = isset($_POST['blog_name']) ? wp_unslash($_POST['blog_name']) : '';
     $blog_encoding = $this->blog_encoding;
     $from_encoding = isset($_POST['charset']) ? $_POST['charset'] : '';
     if (!$from_encoding) {
         $from_encoding = preg_match("/^.*charset=([a-zA-Z0-9\\-_]+).*\$/i", $_SERVER['CONTENT_TYPE'], $matched) ? $matched[1] : '';
     }
     $from_encoding = str_replace(array(',', ' '), '', strtoupper(trim($from_encoding)));
     $from_encoding = $this->guess_encoding($excerpt . $title . $blog_name, $from_encoding);
     $title = $this->convenc($title, $blog_encoding, $from_encoding);
     $blog_name = $this->convenc($blog_name, $blog_encoding, $from_encoding);
     $excerpt = $this->convenc($excerpt, $blog_encoding, $from_encoding);
     $title = strip_tags($title);
     $excerpt = strip_tags($excerpt);
     $title = strlen($title) > 250 ? mb_strcut($title, 0, 250, $blog_encoding) . '…' : $title;
     $excerpt = strlen($excerpt) > 255 ? mb_strcut($excerpt, 0, 252, $blog_encoding) . '…' : $excerpt;
     $commentdata['comment_author'] = wp_slash($blog_name);
     $commentdata['comment_content'] = wp_slash("<strong>{$title}</strong>\n\n{$excerpt}");
     return $commentdata;
 }