sanitize_option

February 12, 2011 by Thorsten 0 Comments

Definition:
function sanitize_option($option, $value) {}

Sanitises various option values based on the nature of the option.

This is basically a switch statement which will pass $value through a number of functions depending on the $option.

Parameters

string $option: The name of the option.
string $value: The unsanitised value.

Return values

returns:Sanitized value.

Defined filters

sanitize_option_{$option}
apply_filters("sanitize_option_{$option}", $value, $option)

Source code

function sanitize_option($option, $value) {



	switch ( $option ) {

		case 'admin_email':

			$value = sanitize_email($value);

			if ( !is_email($value) ) {

				$value = get_option( $option ); // Resets option to stored value in the case of failed sanitization

				if ( function_exists('add_settings_error') )

					add_settings_error('admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));

			}

			break;



		case 'new_admin_email':

			$value = sanitize_email($value);

			if ( !is_email($value) ) {

				$value = get_option( $option ); // Resets option to stored value in the case of failed sanitization

				if ( function_exists('add_settings_error') )

					add_settings_error('new_admin_email', 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));

			}

			break;



		case 'thumbnail_size_w':

		case 'thumbnail_size_h':

		case 'medium_size_w':

		case 'medium_size_h':

		case 'large_size_w':

		case 'large_size_h':

		case 'embed_size_h':

		case 'default_post_edit_rows':

		case 'mailserver_port':

		case 'comment_max_links':

		case 'page_on_front':

		case 'page_for_posts':

		case 'rss_excerpt_length':

		case 'default_category':

		case 'default_email_category':

		case 'default_link_category':

		case 'close_comments_days_old':

		case 'comments_per_page':

		case 'thread_comments_depth':

		case 'users_can_register':

		case 'start_of_week':

			$value = absint( $value );

			break;



		case 'embed_size_w':

			if ( '' !== $value )

				$value = absint( $value );

			break;



		case 'posts_per_page':

		case 'posts_per_rss':

			$value = (int) $value;

			if ( empty($value) )

				$value = 1;

			if ( $value < -1 )

				$value = abs($value);

			break;



		case 'default_ping_status':

		case 'default_comment_status':

			// Options that if not there have 0 value but need to be something like "closed"

			if ( $value == '0' || $value == '')

				$value = 'closed';

			break;



		case 'blogdescription':

		case 'blogname':

			$value = addslashes($value);

			$value = wp_filter_post_kses( $value ); // calls stripslashes then addslashes

			$value = stripslashes($value);

			$value = esc_html( $value );

			break;



		case 'blog_charset':

			$value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value); // strips slashes

			break;



		case 'date_format':

		case 'time_format':

		case 'mailserver_url':

		case 'mailserver_login':

		case 'mailserver_pass':

		case 'ping_sites':

		case 'upload_path':

			$value = strip_tags($value);

			$value = addslashes($value);

			$value = wp_filter_kses($value); // calls stripslashes then addslashes

			$value = stripslashes($value);

			break;



		case 'gmt_offset':

			$value = preg_replace('/[^0-9:.-]/', '', $value); // strips slashes

			break;



		case 'siteurl':

			if ( (bool)preg_match( '#http(s?)://(.+)#i', $value) ) {

				$value = esc_url_raw($value);

			} else {

				$value = get_option( $option ); // Resets option to stored value in the case of failed sanitization

				if ( function_exists('add_settings_error') )

					add_settings_error('siteurl', 'invalid_siteurl', __('The WordPress address you entered did not appear to be a valid URL. Please enter a valid URL.'));

			}

			break;



		case 'home':

			if ( (bool)preg_match( '#http(s?)://(.+)#i', $value) ) {

				$value = esc_url_raw($value);

			} else {

				$value = get_option( $option ); // Resets option to stored value in the case of failed sanitization

				if ( function_exists('add_settings_error') )

					add_settings_error('home', 'invalid_home', __('The Site address you entered did not appear to be a valid URL. Please enter a valid URL.'));

			}

			break;



		case 'WPLANG':

			$allowed = get_available_languages();

			if ( ! in_array( $value, $allowed ) && ! empty( $value ) )

				$value = get_option( $option );

			break;



		case 'timezone_string':

			$allowed_zones = timezone_identifiers_list();

			if ( ! in_array( $value, $allowed_zones ) && ! empty( $value ) ) {

				$value = get_option( $option ); // Resets option to stored value in the case of failed sanitization

				if ( function_exists('add_settings_error') )

					add_settings_error('timezone_string', 'invalid_timezone_string', __('The timezone you have entered is not valid. Please select a valid timezone.') );

			}

			break;



		case 'permalink_structure':

		case 'category_base':

		case 'tag_base':

			$value = esc_url_raw( $value );

			$value = str_replace( 'http://', '', $value );

			break;

	}



	$value = apply_filters("sanitize_option_{$option}", $value, $option);

2777

/wp-includes/formatting.php, Documentation, Files, Filters, Filters by letter s, Functions, Functions by letter s

id76adb51a6bd8c5af3ab76b6c45327c10, sanitize_option, sanitize_option_{$option}

sanitize_key

sanitize_post

No comments yet... Be the first to leave a reply!

Ouch, we don’t have this here!

It seems that we do not have anything about this topic here, but you might want to do one of the following. If you were searching for a php function head over to the php manual and use one of their entry points

If you were searching for a WordPress related topic and did not find it here try one of the following options.

Use the search form in the navigation bar above
Use the WordPress search

If nothing like this helps try using Google or an other search engine

Google
Bing

Golden Q&A rules

Search first

Be sure that you first search in Google, the WordPress forums, Codex or this site ( using the form in the menu ). Sharing your previous results helps narrowing down the problem if you also tell us what you found and why it didn’t serve your needs.

Be specific

Give as much details about your problem as possible. Make sure to include examples, links and context related to your problem.

Be WordPress related

This site focuses on WordPress and related topics. Please make sure that your question is related to WordPress code, functionality or other related topics.

Be nice

Please keep in mind that this is a voluntary service. Answers might not always be correct or what you expect. Please be nice and let us know if any inappropriate answers come to your attention.

Latest
Popular
Comments

Speed up WordPress when you have a lot of terms February 15, 2014
WordPress Importer with remote lookup for assets. February 15, 2014
It’s been a while! Sorry for neglecting you! September 4, 2013
Cache posts in category/tag/taxonomy for better performing content blocks May 10, 2012
Lost in time(zones)? http://localtime.at can help May 5, 2012

WordPress Syntax mode for Panic Coda February 18, 2011
wp_tiny_mce February 12, 2011
Initialize WordPress from a PHP CLI script July 22, 2011
wp_save_image February 12, 2011
Caching WordPress navigation menus – wp_nav_menu() wrapper October 7, 2011