云策 WordPress 开发者社区

函数文档

sanitize_email()

查看官方原文 ↗
💡 云策文档标注

概述

sanitize_email() 函数用于过滤电子邮件地址,移除不允许的字符,确保地址格式安全。它基于正则表达式限制字符集,并可能改变某些合法地址。

关键要点

  • 函数参数:$email(字符串,必需),返回过滤后的电子邮件地址字符串。
  • 使用正则表达式 /[^a-z0-9+_.@-]/i 来允许字符,比 RFC 5322 标准更严格。
  • 处理过程包括分割本地部分和域名,检查长度、字符有效性,并应用 sanitize_email 过滤器。
  • 对于无效地址(如格式错误或域名无效),函数可能返回空字符串。
  • 相关钩子:apply_filters('sanitize_email', $sanitized_email, $email, $message),用于过滤已清理的电子邮件地址。

代码示例

$sanitized_email = sanitize_email('admin@example.com!');
echo $sanitized_email; // 输出: 'admin@example.com'

注意事项

  • 此函数主要用于清理而非验证,无效地址可能返回空字符串而非 false。
  • 字符集限制可能导致某些合法电子邮件地址被修改,使用时需注意兼容性。
📄 原文内容

Strips out all characters that are not allowable in an email.

Parameters

$emailstringrequired
Email address to filter.

Return

string Filtered email address.

More Information

  • After sanitize_email() has done its work, it passes the sanitized e-mail address through the sanitize_email filter.
  • This function uses a smaller allowable character set than the set defined by RFC 5322. Some legal email addresses may be changed.
  • Allowed character regular expression: /[^a-z0-9+_.@-]/i.

Source

function sanitize_email( $email ) {
	// Test for the minimum length the email can be.
	if ( strlen( $email ) < 6 ) {
		/**
		 * Filters a sanitized email address.
		 *
		 * This filter is evaluated under several contexts, including 'email_too_short',
		 * 'email_no_at', 'local_invalid_chars', 'domain_period_sequence', 'domain_period_limits',
		 * 'domain_no_periods', 'domain_no_valid_subs', or no context.
		 *
		 * @since 2.8.0
		 *
		 * @param string $sanitized_email The sanitized email address.
		 * @param string $email           The email address, as provided to sanitize_email().
		 * @param string|null $message    A message to pass to the user. null if email is sanitized.
		 */
		return apply_filters( 'sanitize_email', '', $email, 'email_too_short' );
	}

	// Test for an @ character after the first position.
	if ( false === strpos( $email, '@', 1 ) ) {
		/** This filter is documented in wp-includes/formatting.php */
		return apply_filters( 'sanitize_email', '', $email, 'email_no_at' );
	}

	// Split out the local and domain parts.
	list( $local, $domain ) = explode( '@', $email, 2 );

	/*
	 * LOCAL PART
	 * Test for invalid characters.
	 */
	$local = preg_replace( '/[^a-zA-Z0-9!#$%&'*+/=?^_`{|}~.-]/', '', $local );
	if ( '' === $local ) {
		/** This filter is documented in wp-includes/formatting.php */
		return apply_filters( 'sanitize_email', '', $email, 'local_invalid_chars' );
	}

	/*
	 * DOMAIN PART
	 * Test for sequences of periods.
	 */
	$domain = preg_replace( '/.{2,}/', '', $domain );
	if ( '' === $domain ) {
		/** This filter is documented in wp-includes/formatting.php */
		return apply_filters( 'sanitize_email', '', $email, 'domain_period_sequence' );
	}

	// Test for leading and trailing periods and whitespace.
	$domain = trim( $domain, " tnrx0B." );
	if ( '' === $domain ) {
		/** This filter is documented in wp-includes/formatting.php */
		return apply_filters( 'sanitize_email', '', $email, 'domain_period_limits' );
	}

	// Split the domain into subs.
	$subs = explode( '.', $domain );

	// Assume the domain will have at least two subs.
	if ( 2 > count( $subs ) ) {
		/** This filter is documented in wp-includes/formatting.php */
		return apply_filters( 'sanitize_email', '', $email, 'domain_no_periods' );
	}

	// Create an array that will contain valid subs.
	$new_subs = array();

	// Loop through each sub.
	foreach ( $subs as $sub ) {
		// Test for leading and trailing hyphens.
		$sub = trim( $sub, " tnrx0B-" );

		// Test for invalid characters.
		$sub = preg_replace( '/[^a-z0-9-]+/i', '', $sub );

		// If there's anything left, add it to the valid subs.
		if ( '' !== $sub ) {
			$new_subs[] = $sub;
		}
	}

	// If there aren't 2 or more valid subs.
	if ( 2 > count( $new_subs ) ) {
		/** This filter is documented in wp-includes/formatting.php */
		return apply_filters( 'sanitize_email', '', $email, 'domain_no_valid_subs' );
	}

	// Join valid subs into the new domain.
	$domain = implode( '.', $new_subs );

	// Put the email back together.
	$sanitized_email = $local . '@' . $domain;

	// Congratulations, your email made it!
	/** This filter is documented in wp-includes/formatting.php */
	return apply_filters( 'sanitize_email', $sanitized_email, $email, null );
}

View all references View on Trac View on GitHub

Hooks

apply_filters( ‘sanitize_email’, string $sanitized_email, string $email, string|null $message )

Filters a sanitized email address.

Uses Description
apply_filters()wp-includes/plugin.php

Calls the callback functions that have been added to a filter hook.
Used by Description
wp_create_user_request()wp-includes/user.php

Creates and logs a user request to perform a specific action.
sanitize_option()wp-includes/formatting.php

Sanitizes various option values based on the nature of the option.
wpmu_validate_user_signup()wp-includes/ms-functions.php

Sanitizes and validates data required for a user sign-up.
wpmu_signup_user()wp-includes/ms-functions.php

Records user signup information for future activation.

Changelog

Version Description
1.5.0 Introduced.

User Contributed Notes

  2. Skip to note 4 content


    凱寧


    You must log in to vote on the helpfulness of this noteVote results for this note: -3You must log in to vote on the helpfulness of this note

    if email is illegal, the function will return false.

    $email = sanitize_email( 'testexample.com' ); // illegal email
if ( $email ) {
    echo 'good email';
} else {
    echo "it's not email";
}

    It will echo “it’s not email”.