sanitize_user_field()

根据上下文清理用户字段。

原型

sanitize_user_field( string $field, mixed $value, int $user_id, string $context )

描述

可能的上下文值包括：‘raw’，‘edit’，‘db’，‘display’，‘attribute’和’js’。默认情况下使用’display’上下文。调用过滤器时，‘attribute’和’js’上下文被视为’display’。

参数

$field (string) (Required) 用户对象字段名称。

$value (mixed) (Required) 用户对象值。

$user_id (int) (Required) 用户身份。

$context (string) (Required) 如何清理用户字段。寻找’raw’，‘edit’，‘db’，‘display’，‘attribute’和’js’。

返回值

(mixed)  消毒价值。

源文件

路径：wp-includes/user.php

<?php
...
function sanitize_user_field($field, $value, $user_id, $context) {
	$int_fields = array('ID');
	if ( in_array($field, $int_fields) )
		$value = (int) $value;
	if ( 'raw' == $context )
		return $value;
	if ( !is_string($value) && !is_numeric($value) )
		return $value;
	$prefixed = false !== strpos( $field, 'user_' );
	if ( 'edit' == $context ) {
		if ( $prefixed ) {
			/** This filter is documented in wp-includes/post.php */
			$value = apply_filters( "edit_{$field}", $value, $user_id );
		} else {
			/**
			 * Filters a user field value in the 'edit' context.
			 *
			 * The dynamic portion of the hook name, `$field`, refers to the prefixed user
			 * field being filtered, such as 'user_login', 'user_email', 'first_name', etc.
			 *
			 * @since 2.9.0
			 *
			 * @param mixed $value   Value of the prefixed user field.
			 * @param int   $user_id User ID.
			 */
			$value = apply_filters( "edit_user_{$field}", $value, $user_id );
		}
		if ( 'description' == $field )
			$value = esc_html( $value ); // textarea_escaped?
		else
			$value = esc_attr($value);
	} elseif ( 'db' == $context ) {
		if ( $prefixed ) {
			/** This filter is documented in wp-includes/post.php */
			$value = apply_filters( "pre_{$field}", $value );
		} else {
			/**
			 * Filters the value of a user field in the 'db' context.
			 *
			 * The dynamic portion of the hook name, `$field`, refers to the prefixed user
			 * field being filtered, such as 'user_login', 'user_email', 'first_name', etc.
 			 *
			 * @since 2.9.0
			 *
			 * @param mixed $value Value of the prefixed user field.
			 */
			$value = apply_filters( "pre_user_{$field}", $value );
		}
	} else {
		// Use display filters by default.
		if ( $prefixed ) {
			/** This filter is documented in wp-includes/post.php */
			$value = apply_filters( "{$field}", $value, $user_id, $context );
		} else {
			/**
			 * Filters the value of a user field in a standard context.
			 *
			 * The dynamic portion of the hook name, `$field`, refers to the prefixed user
			 * field being filtered, such as 'user_login', 'user_email', 'first_name', etc.
			 *
			 * @since 2.9.0
			 *
			 * @param mixed  $value   The user object value to sanitize.
			 * @param int    $user_id User ID.
			 * @param string $context The context to filter within.
			 */
			$value = apply_filters( "user_{$field}", $value, $user_id, $context );
		}
	}
	if ( 'user_url' == $field )
		$value = esc_url($value);
	if ( 'attribute' == $context ) {
		$value = esc_attr( $value );
	} elseif ( 'js' == $context ) {
		$value = esc_js( $value );
	}
	return $value;
}
...
?>

其他

英文文档：https://developer.wordpress.org/reference/functions/sanitize_user_field/