WordPress函数文档esc_url()
发布于
by
URL 过滤 描述 主要用于 URL 过滤: 拒绝不是下面协议的 URL (defaulting to htt…
URL 过滤
描述
主要用于 URL 过滤:
- 拒绝不是下面协议的 URL (defaulting to http, https, ftp, ftps, mailto, news, irc, gopher, nntp, feed, and telnet)
- 消除无效字符和删除危险字符。
- 将字符转换成 HTML 实体,并且将 & 和 单引号(’) 转换成数字实体:&, '。
用法
<?php esc_url( $url, $protocols, $_context ); ?>
参数
$url
(string) (必填) 将要被清理过滤的 URL
默认值: None
$protocols
(array) (可选) 可以接受协议的数组,如果没有设置,默认是:’http’, ‘https’, ‘ftp’, ‘ftps’, ‘mailto’, ‘news’, ‘irc’, ‘gopher’, ‘nntp’, ‘feed’, ‘telnet’。
默认值: null
$_context
(string) (可选) 如何返回 URL。
默认值: ‘display’
返回值
(string)
The cleaned $url after the ‘esc_url‘ filter is applied. An empty string is returned if $url specifies a protocol other than those in $protocols, or if $url contains an empty string.
已经清理过滤的 URL
示例
Adding a link to home
As featured in the Twenty Thirteen theme, although simplified for the sake of the example
|
1
2
3
4
|
/* ———————————-
* wordpress函数 kim收集
* ———————————- */
<a href=“<?php echo esc_url( home_url( ‘/’ ) ); ?>“>Home</a>
|
注意
源文件
esc_url() 函数的代码位于 wp-includes/formatting.php.
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
/* ———————————-
* wordpress函数 kim收集
* ———————————- */
/**
* Checks and cleans a URL.
*
* A number of characters are removed from the URL. If the URL is for displaying
* (the default behaviour) ampersands are also replaced. The ‘clean_url’ filter
* is applied to the returned cleaned URL.
*
* @since 2.8.0
*
* @param string $url The URL to be cleaned.
* @param array $protocols Optional. An array of acceptable protocols.
* Defaults to return value of wp_allowed_protocols()
* @param string $_context Private. Use esc_url_raw() for database usage.
* @return string The cleaned $url after the ‘clean_url’ filter is applied.
*/
function esc_url( $url, $protocols = null, $_context = ‘display’ ) {
$original_url = $url;
if ( ” == $url )
return $url;
$url = preg_replace(‘|[^a-z0-9-~+_.?#=!&;,/:%@$|*’()x80–xff]|i‘, ‘‘, $url);
if ( 0 !== stripos( $url, ‘mailto:‘ ) ) {
$strip = array(‘%0d‘, ‘%0a‘, ‘%0D‘, ‘%0A‘);
$url = _deep_replace($strip, $url);
}
$url = str_replace(‘;//’, ‘://’, $url);
/* If the URL doesn’t appear to contain a scheme, we
* presume it needs http:// appended (unless a relative
* link starting with /, # or ? or a php file).
*/
if ( strpos($url, ‘:’) === false && ! in_array( $url[0], array( ‘/’, ‘#’, ‘?’ ) ) &&
! preg_match(‘/^[a-z0-9-]+?.php/i’, $url) )
$url = ‘http://’ . $url;
// Replace ampersands and single quotes only when displaying.
if ( ‘display’ == $_context ) {
$url = wp_kses_normalize_entities( $url );
$url = str_replace( ‘&’, ‘&’, $url );
$url = str_replace( “‘”, ”‘, $url );
}
if ( ‘/‘ === $url[0] ) {
$good_protocol_url = $url;
} else {
if ( ! is_array( $protocols ) )
$protocols = wp_allowed_protocols();
$good_protocol_url = wp_kses_bad_protocol( $url, $protocols );
if ( strtolower( $good_protocol_url ) != strtolower( $url ) )
return ‘‘;
}
/**
* Filter a string cleaned and escaped for output as a URL.
*
* @since 2.3.0
*
* @param string $good_protocol_url The cleaned URL to be returned.
* @param string $original_url The URL prior to cleaning.
* @param string $_context If ‘display‘, replace ampersands and single quotes only.
*/
return apply_filters( ‘clean_url‘, $good_protocol_url, $original_url, $_context );
}
|
相关
See: Data Validation article for an in-depth discussion of input and output sanitization.
- esc_html()
- esc_html__()
- esc_html_e()
- esc_attr()
- esc_attr__()
- esc_attr_e()
- esc_js()
- esc_sql()
- esc_textarea()
- esc_url()
- esc_url_raw()
- urlencode()
- urlencode_deep()
- 原文:http://codex.wordpress.org/Function_Reference/esc_url
类别:WordPress函数文档、
本文收集自互联网,转载请注明来源。
如有侵权,请联系 wper_net@163.com 删除。
猜你喜欢GUESS YOU LIKE
评论功能已经关闭!