trait-sanitize.php
3.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
<?php
/**
* Wrapper class for sanitizing input.
*
* @link https://wordpress.org/plugins/broken-link-checker/
* @since 2.0.0
*
* @author WPMUDEV (https://wpmudev.com)
* @package WPMUDEV_BLC\Core\Traits
*
* @copyright (c) 2022, Incsub (http://incsub.com)
*/
namespace WPMUDEV_BLC\Core\Traits;
// Abort if called directly.
use function is_bool;
use function is_numeric;
use function strip_tags;
defined( 'WPINC' ) || die;
/**
* Class Sanitize
*
* @package WPMUDEV_BLC\Core\Traits
*/
trait Sanitize {
public function sanitize_bool( $input = null ) {
return filter_var( $input, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE ) ? $input : rest_sanitize_boolean( $input );
}
/**
* Sanitize an array.
*
* @param array $options The options to sanitize.
*
* @since 1.0.0
* @return array Returns the sanitized array.
*/
protected function sanitize_array( array $options = array() ) {
if ( ! is_array( $options ) ) {
return $this->sanitize_single( $options );
}
$sanitized_options = array();
foreach ( $options as $key => $value ) {
$sanitized_options[ sanitize_key( $key ) ] = is_array( $value ) ? $this->sanitize_array( $value ) : $this->sanitize_single( $value );
}
return $sanitized_options;
}
/**
* Sanitize an array.
*
* @param string|int|bool|float $input The option to sanitize.
*
* @since 2.0.0
* @return string|int|bool|float Returns the sanitized value.
*/
protected function sanitize_single( $input = '' ) {
if ( ! \is_null( $input ) && ! \is_array( $input ) && ! \is_object( $input ) ) {
if ( $this->has_email_format( $input ) ) {
$input = filter_var( $input, FILTER_SANITIZE_EMAIL );
} elseif ( preg_match( '/\R/', $input ) ) {
$input = sanitize_textarea_field( $input );
} elseif ( wp_strip_all_tags( $input ) !== $input ) {
$input = wp_kses_post( $input );
} elseif ( ! is_numeric( $input ) && ! is_bool( $input ) ) {
$input = sanitize_text_field( $input );
}
}
return $input;
}
/**
* Checks the format of input if it looks like an email. It doesn't validate against forbidden characters.
*
* @param string $input The email address.
*
* @return bool
*/
protected function has_email_format( $input ) {
return ( preg_match( '/(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/', $input ) || ! preg_match( '/^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/', $input ) ) ? false : true;
}
/**
* Sanitize by scheme or without a given scheme.
*
* @param $input
* @param $scheme
*
* @return mixed|string
*/
protected function sanitize( $input = '', $scheme = '' ) {
if ( empty( $input ) ) {
return $input;
}
/**
* Filters the accepted schemes that are supported by default.
* Key is the scheme and value is the callback.
*/
$schemes = apply_filters(
'wpmudev_blc_sanitize_default_accepted_schemes',
array(
'string' => 'sanitize_text_field',
'url' => 'sanitize_url',
'email' => 'sanitize_email',
'textarea' => 'sanitize_textarea_field',
'html' => 'wp_kses_post',
//'bool' => array( $this, 'sanitize_bool' ),
'bool' => 'boolval',
//'bool' => 'rest_sanitize_boolean',
),
$input,
$scheme
);
if ( empty( $scheme ) || ! in_array( $scheme, array_keys( $schemes ) ) ) {
return $this->sanitize_single( $input );
}
$callback = $schemes[ $scheme ];
return $callback( $input );
}
}