sanitize_bookmark_field()
概述
sanitize_bookmark_field() 函数用于清理书签字段值,根据字段名和上下文应用不同的过滤规则。它支持多种上下文,如 'raw'、'edit'、'db'、'display'、'attribute' 或 'js',并调用相应的 Hook 进行自定义处理。
关键要点
- 函数根据字段名进行严格或通用过滤,例如将 'link_id' 和 'link_rating' 转换为整数,'link_category' 转换为整数数组,'link_visible' 和 'link_target' 进行特定验证。
- 上下文参数控制过滤行为:'raw' 直接返回值,'edit' 调用 edit_{$field} 过滤器并转义 HTML,'db' 调用 pre_{$field} 过滤器,'display' 调用 {$field} 过滤器并根据子上下文转义。
- 函数内部使用 apply_filters() 调用 Hook,如 edit_{$field}、pre_{$field} 和 {$field},允许开发者自定义清理逻辑。
- 清理后,整数字段会恢复类型,确保数据一致性。
代码示例
function sanitize_bookmark_field( $field, $value, $bookmark_id, $context ) {
$int_fields = array( 'link_id', 'link_rating' );
if ( in_array( $field, $int_fields, true ) ) {
$value = (int) $value;
}
switch ( $field ) {
case 'link_category': // array( ints )
$value = array_map( 'absint', (array) $value );
return $value;
case 'link_visible': // bool stored as Y|N
$value = preg_replace( '/[^YNyn]/', '', $value );
break;
case 'link_target': // "enum"
$targets = array( '_top', '_blank' );
if ( ! in_array( $value, $targets, true ) ) {
$value = '';
}
break;
}
if ( 'raw' === $context ) {
return $value;
}
if ( 'edit' === $context ) {
$value = apply_filters( "edit_{$field}", $value, $bookmark_id );
if ( 'link_notes' === $field ) {
$value = esc_html( $value );
} else {
$value = esc_attr( $value );
}
} elseif ( 'db' === $context ) {
$value = apply_filters( "pre_{$field}", $value );
} else {
$value = apply_filters( "{$field}", $value, $bookmark_id, $context );
if ( 'attribute' === $context ) {
$value = esc_attr( $value );
} elseif ( 'js' === $context ) {
$value = esc_js( $value );
}
}
if ( in_array( $field, $int_fields, true ) ) {
$value = (int) $value;
}
return $value;
}注意事项
- 函数自 WordPress 2.3.0 版本引入,是书签处理的核心函数之一。
- 在 'edit' 上下文中,'link_notes' 字段使用 esc_html() 转义,其他字段使用 esc_attr()。
- Hook 如 edit_{$field}、pre_{$field} 和 {$field} 允许开发者扩展或修改清理行为,需确保回调函数正确处理参数。
- 相关函数包括 esc_js()、esc_html()、esc_attr() 和 apply_filters(),用于转义和过滤操作。
Sanitizes a bookmark field.
Description
Sanitizes the bookmark fields based on what the field name is. If the field has a strict value set, then it will be tested for that, else a more generic filtering is applied. After the more strict filter is applied, if the $context is ‘raw’ then the value is immediately return.
Hooks exist for the more generic cases. With the ‘edit’ context, the ‘edit_$field’ filter will be called and passed the $value and $bookmark_id respectively.
With the ‘db’ context, the ‘pre_$field’ filter is called and passed the value.
The ‘display’ context is the final context and has the $field has the filter name and is passed the $value, $bookmark_id, and $context, respectively.
Parameters
$fieldstringrequired-
The bookmark field.
$valuemixedrequired-
The bookmark field value.
$bookmark_idintrequired-
Bookmark ID.
$contextstringrequired-
How to filter the field value. Accepts
'raw','edit','db','display','attribute', or'js'. Default'display'.
Source
function sanitize_bookmark_field( $field, $value, $bookmark_id, $context ) {
$int_fields = array( 'link_id', 'link_rating' );
if ( in_array( $field, $int_fields, true ) ) {
$value = (int) $value;
}
switch ( $field ) {
case 'link_category': // array( ints )
$value = array_map( 'absint', (array) $value );
/*
* We return here so that the categories aren't filtered.
* The 'link_category' filter is for the name of a link category, not an array of a link's link categories.
*/
return $value;
case 'link_visible': // bool stored as Y|N
$value = preg_replace( '/[^YNyn]/', '', $value );
break;
case 'link_target': // "enum"
$targets = array( '_top', '_blank' );
if ( ! in_array( $value, $targets, true ) ) {
$value = '';
}
break;
}
if ( 'raw' === $context ) {
return $value;
}
if ( 'edit' === $context ) {
/** This filter is documented in wp-includes/post.php */
$value = apply_filters( "edit_{$field}", $value, $bookmark_id );
if ( 'link_notes' === $field ) {
$value = esc_html( $value ); // textarea_escaped
} else {
$value = esc_attr( $value );
}
} elseif ( 'db' === $context ) {
/** This filter is documented in wp-includes/post.php */
$value = apply_filters( "pre_{$field}", $value );
} else {
/** This filter is documented in wp-includes/post.php */
$value = apply_filters( "{$field}", $value, $bookmark_id, $context );
if ( 'attribute' === $context ) {
$value = esc_attr( $value );
} elseif ( 'js' === $context ) {
$value = esc_js( $value );
}
}
// Restore the type for integer fields after esc_attr().
if ( in_array( $field, $int_fields, true ) ) {
$value = (int) $value;
}
return $value;
}
Hooks
- apply_filters( “edit_{$field}”, mixed $value, int $post_id )
-
Filters the value of a specific post field to edit.
- apply_filters( “pre_{$field}”, mixed $value )
-
Filters the value of a specific post field before saving.
- apply_filters( “{$field}”, mixed $value, int $post_id, string $context )
-
Filters the value of a specific post field for display.
Changelog
| Version | Description |
|---|---|
| 2.3.0 | Introduced. |