内部帮助函数,用于从用户输入或db中清除字符串

原型

_sanitize_text_fields( string $str, bool $keep_newlines = false )

参数

$str (string) (Required) 要消毒的字符串。

$keep_newlines (bool) (Optional) 是否保留换行符。默认值:false。

返回值

(string)  消毒字符串。

源文件

路径:wp-includes/formatting.php

<?php
...
function _sanitize_text_fields( $str, $keep_newlines = false ) {
	$filtered = wp_check_invalid_utf8( $str );
	if ( strpos($filtered, '<') !== false ) {
		$filtered = wp_pre_kses_less_than( $filtered );
		// This will strip extra whitespace for us.
		$filtered = wp_strip_all_tags( $filtered, false );
		// Use html entities in a special case to make sure no later
		// newline stripping stage could lead to a functional tag
		$filtered = str_replace("<n", "&lt;n", $filtered);
	}
	if ( ! $keep_newlines ) {
		$filtered = preg_replace( '/[rnt ]+/', ' ', $filtered );
	}
	$filtered = trim( $filtered );
	$found = false;
	while ( preg_match('/%[a-f0-9]{2}/i', $filtered, $match) ) {
		$filtered = str_replace($match[0], '', $filtered);
		$found = true;
	}
	if ( $found ) {
		// Strip out the whitespace that may now exist after removing the octets.
		$filtered = trim( preg_replace('/ +/', ' ', $filtered) );
	}
	return $filtered;
}
...
?>

其他

英文文档:https://developer.wordpress.org/reference/functions/_sanitize_text_fields/