kses php,wp_kses_split2()

wp_kses_split2( string $string, array $allowed_html, array $allowed_protocols )

用于修复格式错误的HTML标记的wp_kses_split回调。

Callback for wp_kses_split for fixing malformed HTML tags.

说明(Description)

这个函数做了很多工作。它拒绝一些非常畸形的东西，比如。如果不允许元素，则返回空字符串(look ma，no strip_tags()！)。否则，它将标记拆分为元素和属性列表。在将标记拆分为元素和属性列表后，它将通过另一个过滤器运行，该过滤器将删除非法属性，完成后将返回。

参数(Parameters)

参数

类型

说明

$string

(string)

要筛选的内容

$allowed_html

(array)

允许的HTML元素

$allowed_protocols

(array)

允许的协议

源码(Source)

/**

* Callback for wp_kses_split for fixing malformed HTML tags.

*

* This function does a lot of work. It rejects some very malformed things like

* <:::>. It returns an empty string, if the element isn't allowed (look ma, no

* strip_tags()!). Otherwise it splits the tag into an element and an attribute

* list.

*

* After the tag is split into an element and an attribute list, it is run

* through another filter which will remove illegal attributes and once that is

* completed, will be returned.

*

* @access private

* @since 1.0.0

*

* @param string $string Content to filter

* @param array $allowed_html Allowed HTML elements

* @param array $allowed_protocols Allowed protocols to keep

* @return string Fixed HTML element

*/

function wp_kses_split2($string, $allowed_html, $allowed_protocols) {

$string = wp_kses_stripslashes($string);

if (substr($string, 0, 1) != '';="" it="" matched="" a="" "="">" character

if ( ''), '', $string );

while ( $string != ($newstring = wp_kses($string, $allowed_html, $allowed_protocols)) )

$string = $newstring;

if ( $string == '' )

return '';

// prevent multiple dashes in comments

$string = preg_replace('/--+/', '-', $string);

// prevent three dashes closing a comment

$string = preg_replace('/-$/', '', $string);

return "";

}

// Allow HTML comments

if (!preg_match('%^]*)>?$%', $string, $matches))

return '';

// It's seriously malformed

$slash = trim($matches[1]);

$elem = $matches[2];

$attrlist = $matches[3];

if ( ! is_array( $allowed_html ) )

$allowed_html = wp_kses_allowed_html( $allowed_html );

if ( ! isset($allowed_html[strtolower($elem)]) )

return '';

// They are using a not allowed HTML element

if ($slash != '')

return "";

// No attributes are allowed for closing elements

return wp_kses_attr( $elem, $attrlist, $allowed_html, $allowed_protocols );

}

更新版本

源码位置

使用

被使用

1.0.0

wp-includes/kses.php

5

13

wp_kses_split2() 为WP2原创文章，链接：https://www.wp2.cn/functions/wp_kses_split2/