云策 WordPress 开发者社区

函数文档

wp_slash()

查看官方原文 ↗
💡 云策文档标注

概述

wp_slash() 函数用于为字符串或数组中的字符串递归添加反斜杠,主要用于准备需要转义数据的核心 API 调用。它不应直接用于 SQL 查询转义。

关键要点

  • 功能:为字符串或数组递归添加反斜杠,处理单引号、双引号、反斜杠和 NUL 字符
  • 适用场景:准备数据供 WordPress 核心 API 使用,如 wp_insert_post()、wp_update_post() 等
  • 注意事项:不应用于 SQL 查询转义,应使用 $wpdb->prepare() 或 esc_sql()
  • 参数:接受字符串或数组,返回相同类型的转义后值
  • 版本变化:自 5.5.0 起,非字符串值(如整数、布尔值)保持不变

代码示例

// 字符串使用示例
function wpdocs_toolset_string_add_slashes() {
    $name = __( "O'Reilly & Associates", 'textdomain' );
    $name = wp_slash( $name );
    echo "name={$name}";
}
add_action( 'pre_get_posts', 'wpdocs_toolset_string_add_slashes' );

// 数组使用示例
function wpdocs_toolset_array_add_slashes() {
    $names = array( __( "Baba O'Reilly", 'textdomain' ), __( 'class of '99', 'textdomain' ) );
    $names = wp_slash( $names );
    print_r( $names );
}
add_action( 'pre_get_posts', 'wpdocs_toolset_array_add_slashes' );
📄 原文内容

Adds slashes to a string or recursively adds slashes to strings within an array.

Description

This should be used when preparing data for core API that expects slashed data.
This should not be used to escape data going directly into an SQL query.

Parameters

$valuestring|arrayrequired
String or array of data to slash.

Return

string|array Slashed $value, in the same type as supplied.

Source

function wp_slash( $value ) {
	if ( is_array( $value ) ) {
		return array_map( 'wp_slash', $value );
	}

	if ( is_string( $value ) ) {
		return addslashes( $value );
	}

	return $value;
}

View all references View on Trac View on GitHub

Used by Description
wp_copy_parent_attachment_properties()wp-admin/includes/image.php

Copy parent attachment properties to newly cropped image.
_wp_filter_post_meta_footnotes()wp-includes/blocks.php

Strips all HTML from the content of footnotes, and sanitizes the ID.
_wp_copy_post_meta()wp-includes/revision.php

Copy post meta for the given key from one post to another.
WP_REST_Menu_Items_Controller::create_item()wp-includes/rest-api/endpoints/class-wp-rest-menu-items-controller.php

Creates a single nav menu item.
WP_REST_Menu_Items_Controller::update_item()wp-includes/rest-api/endpoints/class-wp-rest-menu-items-controller.php

Updates a single nav menu item.
WP_REST_Menus_Controller::create_item()wp-includes/rest-api/endpoints/class-wp-rest-menus-controller.php

Creates a single term in a taxonomy.
WP_REST_Menus_Controller::update_item()wp-includes/rest-api/endpoints/class-wp-rest-menus-controller.php

Updates a single term from a taxonomy.
wp_filter_global_styles_post()wp-includes/kses.php

Sanitizes global styles user content removing unsafe rules.
WP_REST_Widgets_Controller::save_widget()wp-includes/rest-api/endpoints/class-wp-rest-widgets-controller.php

Saves the widget in the request object.
WP_REST_Templates_Controller::update_item()wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php

Updates a single template.
WP_REST_Templates_Controller::create_item()wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php

Creates a single template.
WP_REST_Application_Passwords_Controller::create_item()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php

Creates an application password.
WP_REST_Application_Passwords_Controller::update_item()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php

Updates an application password.
WP_REST_Attachments_Controller::edit_media_item()wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php

Applies edits to a media item and creates a new attachment record.
wp_rel_ugc()wp-includes/formatting.php

Adds rel="nofollow ugc" string to all HTML A elements in content.
WP_REST_Attachments_Controller::insert_attachment()wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php

Inserts the attachment post in the database. Does not update the attachment meta.
WP_REST_Autosaves_Controller::create_item()wp-includes/rest-api/endpoints/class-wp-rest-autosaves-controller.php

Creates, updates or deletes an autosave revision.
WP_REST_Autosaves_Controller::create_post_autosave()wp-includes/rest-api/endpoints/class-wp-rest-autosaves-controller.php

Creates autosave for the specified post.
WP_Customize_Manager::save_changeset_post()wp-includes/class-wp-customize-manager.php

Saves the post for the loaded changeset.
wp_update_custom_css_post()wp-includes/theme.php

Updates the custom_css post for a given theme.
WP_REST_Meta_Fields::delete_meta_value()wp-includes/rest-api/fields/class-wp-rest-meta-fields.php

Deletes a meta value for an object.
WP_REST_Meta_Fields::update_multi_meta_value()wp-includes/rest-api/fields/class-wp-rest-meta-fields.php

Updates multiple meta values for an object.
WP_REST_Meta_Fields::update_meta_value()wp-includes/rest-api/fields/class-wp-rest-meta-fields.php

Updates a meta value for an object.
WP_REST_Users_Controller::create_item()wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php

Creates a single user.
WP_REST_Users_Controller::update_item()wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php

Updates a single user.
WP_REST_Terms_Controller::create_item()wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php

Creates a single term in a taxonomy.
WP_REST_Terms_Controller::update_item()wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php

Updates a single term from a taxonomy.
WP_REST_Posts_Controller::create_item()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

Creates a single post.
WP_REST_Posts_Controller::update_item()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

Updates a single post.
WP_REST_Comments_Controller::update_item()wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

Updates a comment.
WP_REST_Comments_Controller::create_item()wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

Creates a comment.
WP_Customize_Nav_Menus::save_nav_menus_created_posts()wp-includes/class-wp-customize-nav-menus.php

Publishes the auto-draft posts that were created for nav menu items.
WP_Customize_Nav_Menus::insert_auto_draft_post()wp-includes/class-wp-customize-nav-menus.php

Adds a new auto-draft post.
wp_handle_comment_submission()wp-includes/comment.php

Handles the submission of a comment, usually posted to wp-comments-post.php via a comment form.
WP_Customize_Nav_Menu_Setting::update()wp-includes/customize/class-wp-customize-nav-menu-setting.php

Create/update the nav_menu term for this setting.
WP_Customize_Nav_Menu_Item_Setting::sanitize()wp-includes/customize/class-wp-customize-nav-menu-item-setting.php

Sanitize an input.
WP_Customize_Nav_Menu_Item_Setting::update()wp-includes/customize/class-wp-customize-nav-menu-item-setting.php

Creates/updates the nav_menu_item post for this setting.
wp_update_category()wp-admin/includes/taxonomy.php

Aliases wp_insert_category() with minimal args.
edit_user()wp-admin/includes/user.php

Edit user settings based on contents of $_POST
media_upload_form_handler()wp-admin/includes/media.php

Handles form submissions for the legacy media uploader.
wp_autosave()wp-admin/includes/post.php

Saves a post submitted with XHR.
add_meta()wp-admin/includes/post.php

Adds post meta data defined in the $_POST superglobal for a post with given ID.
edit_post()wp-admin/includes/post.php

Updates an existing post with values provided in $_POST.
wp_ajax_save_attachment()wp-admin/includes/ajax-actions.php

Handles updating attachment attributes via AJAX.
wp_ajax_inline_save()wp-admin/includes/ajax-actions.php

Handles Quick Edit saving a post from a list table via AJAX.
wp_ajax_replyto_comment()wp-admin/includes/ajax-actions.php

Handles replying to a comment via AJAX.
wp_update_link()wp-admin/includes/bookmark.php

Updates a link in the database.
addslashes_gpc()wp-includes/formatting.php

Adds slashes to a string or recursively adds slashes to strings within an array.
wp_rel_nofollow()wp-includes/formatting.php

Adds rel="nofollow" string to all HTML A elements in content.
WP_Embed::shortcode()wp-includes/class-wp-embed.php

The do_shortcode() callback function.
wp_update_term()wp-includes/taxonomy.php

Updates term based on arguments provided.
wp_create_user()wp-includes/user.php

Provides a simpler way of inserting a user into the database.
wp_insert_user()wp-includes/user.php

Inserts a user into the database.
wp_update_post()wp-includes/post.php

Updates a post with new post data.
_wp_put_post_revision()wp-includes/revision.php

Inserts post data into the posts table as a post revision.
wp_restore_post_revision()wp-includes/revision.php

Restores a post to the specified revision.
wp_xmlrpc_server::escape()wp-includes/class-wp-xmlrpc-server.php

Escapes string or array of strings for database.
WP_Customize_Widgets::call_widget_update()wp-includes/class-wp-customize-widgets.php

Finds and invokes the widget update and control callbacks.
wp_update_comment()wp-includes/comment.php

Updates an existing comment in the database.

Show 54 moreShow less

Changelog

Version Description
5.5.0 Non-string values are left untouched.
3.6.0 Introduced.

User Contributed Notes

  2. Skip to note 4 content


    Codex


    You must log in to vote on the helpfulness of this noteVote results for this note: 1You must log in to vote on the helpfulness of this note

    Usage with an array

    How to use wp_slash with an array within your plugin.

    function wpdocs_toolset_array_add_slashes() {
    $names = array( __( "Baba O'Reilly", 'textdomain' ), __( 'class of '99', 'textdomain' ) );
    $names = wp_slash( $names );
    print_r( $names );
}
add_action( 'pre_get_posts', 'wpdocs_toolset_array_add_slashes' );