PHP Class The_SEO_Framework\Sanitize

Sanitizes input within the plugin.
Since: 2.7.1
Inheritance: extends Admin_Pages
ファイルを表示 Open project: sybrew/the-seo-framework

Public Methods

Method Description
add_filter ( string $filter, string $option, array | string $suboption = null ) : boolean Add sanitization filters to options.
autodescription_add_option_filter ( string $filter, string $option, string | array $suboption = null ) : true Registers option sanitation filter
s_excerpt ( string $excerpt = '' ) : string Escapes input excerpt.
sanitize ( mixed $new_value, string $option ) : mixed Sanitize a value, via the sanitization filter type associated with an option.
sanitizer_filters ( ) Register each of the settings with a sanitization filter type.
verify_seo_settings_nonce ( ) : boolean Checks the SEO Settings page nonce. Returns false if nonce can't be found.

Protected Methods

Method Description
__construct ( ) Constructor, load parent constructor
do_filter ( string $filter, string $new_value, string $old_value ) : mixed Checks sanitization filter exists, and if so, passes the value through it.
get_available_filters ( ) : array Return array of known sanitization filter types.
get_option_filters ( ) : array Returns sanitation filters from cache.
s_absint ( mixed $new_value ) : integer Returns a positive integer value.
s_description ( string $new_value ) : string Returns a one-line sanitized description
s_description_separator ( mixed $new_value ) : string Returns the description separator value string.
s_email_address ( string $new_value ) : string Makes Email Addresses safe, via sanitize_email()
s_knowledge_type ( mixed $new_value ) : string Returns the knowledge type value string.
s_left_right ( mixed $new_value ) : string Returns left or right, for the separator location.
s_left_right_home ( mixed $new_value ) : string Returns left or right, for the home separator location.
s_no_html ( string $new_value ) : string Removes HTML tags from string.
s_no_html_space ( string $new_value ) : string Removes HTML tags and line breaks from string.
s_one_zero ( mixed $new_value ) : integer Returns a 1 or 0, for all truthy / falsy values.
s_one_zero_flush_rewrite ( mixed $new_value ) : integer Returns a 1 or 0, for all truthy / falsy values.
s_one_zero_flush_sitemap ( mixed $new_value ) : integer Returns a 1 or 0, for all truthy / falsy values.
s_redirect_url ( string $new_value ) : string Sanitize the Redirect URL
s_relative_url ( string $url ) : string Converts full URL paths to absolute paths.
s_safe_html ( string $new_value ) : string Removes unsafe HTML tags, via wp_kses_post().
s_title ( string $new_value ) : string Returns a sanitized and trimmed title.
s_title_separator ( mixed $new_value ) : string Returns the title separator value string.
s_twitter_card ( string $new_value ) : string Parses Twitter Card radio input. Fills in default if incorrect value is supplied.
s_twitter_name ( string $new_value ) : string Parses Twitter name and site. Adds @ if it wasn't supplied.
s_url ( string $new_value ) : string Makes URLs safe
s_url_query ( string $new_value ) : string Makes URLs safe and removes query args.
set_option_filter ( string $filter, string $option, array | string $suboption = null, boolean $get = false ) : boolean Sets sanitation filters cache.

Method Details

__construct() protected method

Constructor, load parent constructor
protected __construct ( )

add_filter() public method

Associates a sanitization filter to each option (or sub options if they exist) before adding a reference to run the option through that sanitizer at the right time.
Since: 2.2.2
Since: 2.7.0: Uses external caching function.
public add_filter ( string $filter, string $option, array | string $suboption = null ) : boolean
$filter string Sanitization filter type
$option string Option key
$suboption array | string Optional. Suboption key
return boolean Returns true when complete

autodescription_add_option_filter() public method

Registers option sanitation filter
Since: 2.2.2
Since: 2.7.0 : No longer used internally.
public autodescription_add_option_filter ( string $filter, string $option, string | array $suboption = null ) : true
$filter string The filter to call (see The_SEO_Framework_Site_Options::$available_filters for options)
$option string The WordPress option name
$suboption string | array Optional. The suboption or suboptions you want to filter
return true

do_filter() protected method

Checks sanitization filter exists, and if so, passes the value through it.
Since: 2.2.2
protected do_filter ( string $filter, string $new_value, string $old_value ) : mixed
$filter string Sanitization filter type
$new_value string New value
$old_value string Previous value
return mixed Returns filtered value, or submitted value if value is unfiltered.

get_available_filters() protected method

Array can be filtered via 'the_seo_framework_available_sanitizer_filters' to let themes and other plugins add their own sanitization filters.
Since: 2.2.2
protected get_available_filters ( ) : array
return array Array with keys of sanitization types, and values of the filter function name as a callback

get_option_filters() protected method

Returns sanitation filters from cache.
Since: 2.7.0
protected get_option_filters ( ) : array
return array Filters with their associated (sub)options.

s_absint() protected method

Returns a positive integer value.
Since: 2.2.2
protected s_absint ( mixed $new_value ) : integer
$new_value mixed Should ideally be a positive integer.
return integer Positive integer.

s_description() protected method

Returns a one-line sanitized description
Since: 2.5.0
Since: 2.6.6 Removes duplicated spaces.
protected s_description ( string $new_value ) : string
$new_value string The Description.
return string One line sanitized description.

s_description_separator() protected method

Returns the description separator value string.
Since: 2.2.2
protected s_description_separator ( mixed $new_value ) : string
$new_value mixed Should be identical to any of the $this->description_separator values
return string Description separator option

s_email_address() protected method

Makes Email Addresses safe, via sanitize_email()
Since: 2.2.2
protected s_email_address ( string $new_value ) : string
$new_value string String, an email address, possibly unsafe.
return string String a safe email address

s_excerpt() public method

Escapes input excerpt.
Since: 2.7.1
public s_excerpt ( string $excerpt = '' ) : string
$excerpt string the Excerpt.
return string The escaped Excerpt.

s_knowledge_type() protected method

Returns the knowledge type value string.
Since: 2.2.8
protected s_knowledge_type ( mixed $new_value ) : string
$new_value mixed Should be identical to any of the $person_organization values.
return string title Knowledge type option

s_left_right() protected method

Returns left or right, for the separator location.
Since: 2.2.2
protected s_left_right ( mixed $new_value ) : string
$new_value mixed Should ideally be a string 'left' or 'right' passed in.
return string left or right

s_left_right_home() protected method

Returns left or right, for the home separator location.
Since: 2.5.2
protected s_left_right_home ( mixed $new_value ) : string
$new_value mixed Should ideally be a string 'left' or 'right' passed in.
return string left or right

s_no_html() protected method

Removes HTML tags from string.
Since: 2.2.2
protected s_no_html ( string $new_value ) : string
$new_value string String, possibly with HTML in it.
return string String without HTML in it.

s_no_html_space() protected method

Removes HTML tags and line breaks from string.
Since: 2.5.2
protected s_no_html_space ( string $new_value ) : string
$new_value string String, possibly with HTML and spaces in it.
return string String without HTML and breaks in it.

s_one_zero() protected method

Uses double casting. First, we cast to bool, then to integer.
Since: 2.2.2
protected s_one_zero ( mixed $new_value ) : integer
$new_value mixed Should ideally be a 1 or 0 integer passed in.
return integer 1 or 0.

s_one_zero_flush_rewrite() protected method

Uses double casting. First, we cast to bool, then to integer. Also flushes rewrite rules.
Since: 2.2.9
protected s_one_zero_flush_rewrite ( mixed $new_value ) : integer
$new_value mixed Should ideally be a 1 or 0 integer passed in.
return integer 1 or 0.

s_one_zero_flush_sitemap() protected method

Uses double casting. First, we cast to bool, then to integer. Also flushes the sitemap.
Since: 2.2.9
protected s_one_zero_flush_sitemap ( mixed $new_value ) : integer
$new_value mixed Should ideally be a 1 or 0 integer passed in.
return integer 1 or 0.

s_redirect_url() protected method

Sanitize the Redirect URL
Since: 2.2.4
protected s_redirect_url ( string $new_value ) : string
$new_value string String with potentially unwanted redirect URL.
return string The Sanitized Redirect URL

s_relative_url() protected method

Removes the http or https protocols and the domain. Keeps the path '/' at the beginning, so it isn't a true relative link, but from the web root base.
Since: 2.6.5
protected s_relative_url ( string $url ) : string
$url string Full Path URL or relative URL.
return string Abolute path.

s_safe_html() protected method

Removes unsafe HTML tags, via wp_kses_post().
Since: 2.2.2
protected s_safe_html ( string $new_value ) : string
$new_value string String with potentially unsafe HTML in it.
return string String with only safe HTML in it

s_title() protected method

Returns a sanitized and trimmed title.
Since: 2.5.2
protected s_title ( string $new_value ) : string
$new_value string The Title.
return string Sanitized and trimmed title.

s_title_separator() protected method

Returns the title separator value string.
Since: 2.2.2
protected s_title_separator ( mixed $new_value ) : string
$new_value mixed Should be identical to any of the $this->get_separator_list() values
return string Title separator option

s_twitter_card() protected method

Falls back to previous value if empty. If previous value is empty if will go to default.
Since: 2.5.2
protected s_twitter_card ( string $new_value ) : string
$new_value string String with potentially wrong option value.
return string Sanitized twitter card type.

s_twitter_name() protected method

Parses URL to path and adds @ if URL is given.
Since: 2.2.2
protected s_twitter_name ( string $new_value ) : string
$new_value string String with potentially wrong Twitter username.
return string String with 'correct' Twitter username

s_url() protected method

Makes URLs safe
Since: 2.2.2
protected s_url ( string $new_value ) : string
$new_value string String, a URL, possibly unsafe.
return string String a safe URL without Query Arguments.

s_url_query() protected method

Makes URLs safe and removes query args.
Since: 2.2.8
protected s_url_query ( string $new_value ) : string
$new_value string String, a URL, possibly unsafe.
return string String a safe URL with Query Arguments.

sanitize() public method

Sanitize a value, via the sanitization filter type associated with an option.
Since: 2.2.2
public sanitize ( mixed $new_value, string $option ) : mixed
$new_value mixed New value
$option string Name of the option
return mixed Filtered, or unfiltered value

sanitizer_filters() public method

Register each of the settings with a sanitization filter type.
See also: The_SEO_Framework_Sanitize::add_filter() Add sanitization filters to options.
Since: 2.2.2
public sanitizer_filters ( )

set_option_filter() protected method

Associates a sanitization filter to each option (or sub options if they exist) before adding a reference to run the option through that sanitizer at the right time.
Since: 2.7.0
protected set_option_filter ( string $filter, string $option, array | string $suboption = null, boolean $get = false ) : boolean
$filter string Sanitization filter type
$option string Option key
$suboption array | string Optional. Suboption key
$get boolean Whether to retrieve cache.
return boolean Returns true when complete

verify_seo_settings_nonce() public method

Performs wp_die() when nonce verification fails. Never run a sensitive function when it's returning false. This means no nonce can be verified.
Since: 2.7.0
public verify_seo_settings_nonce ( ) : boolean
return boolean True if verified and matches. False if can't verify.