Created
May 9, 2013 02:31
-
-
Save eddy8/5545177 to your computer and use it in GitHub Desktop.
PHP:wp functions - wp_magic_quotes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Add magic quotes to $_GET, $_POST, $_COOKIE, and $_SERVER. | |
| * | |
| * Also forces $_REQUEST to be $_GET + $_POST. If $_SERVER, $_COOKIE, | |
| * or $_ENV are needed, use those superglobals directly. | |
| * | |
| * @access private | |
| * @since 3.0.0 | |
| */ | |
| function wp_magic_quotes() { | |
| // If already slashed, strip. | |
| if ( get_magic_quotes_gpc() ) { | |
| $_GET = stripslashes_deep( $_GET ); | |
| $_POST = stripslashes_deep( $_POST ); | |
| $_COOKIE = stripslashes_deep( $_COOKIE ); | |
| } | |
| // Escape with wpdb. | |
| $_GET = add_magic_quotes( $_GET ); | |
| $_POST = add_magic_quotes( $_POST ); | |
| $_COOKIE = add_magic_quotes( $_COOKIE ); | |
| $_SERVER = add_magic_quotes( $_SERVER ); | |
| // Force REQUEST to be GET + POST. | |
| // array_merge 合并数组。字符串键名,则覆盖前一个值;数字键名,附加到后面 | |
| $_REQUEST = array_merge( $_GET, $_POST ); | |
| } | |
| /** | |
| * Navigates through an array and removes slashes from the values. | |
| * | |
| * If an array is passed, the array_map() function causes a callback to pass the | |
| * value back to the function. The slashes from this value will removed. | |
| * | |
| * @since 2.0.0 | |
| * | |
| * @param array|string $value The array or string to be stripped. | |
| * @return array|string Stripped array (or string in the callback). | |
| */ | |
| function stripslashes_deep($value) { | |
| if ( is_array($value) ) { | |
| //array_map — 将回调函数作用到给定数组的单元上 | |
| $value = array_map('stripslashes_deep', $value); | |
| } elseif ( is_object($value) ) { | |
| //get_object_vars — 返回由对象属性组成的关联数组 | |
| $vars = get_object_vars( $value ); | |
| foreach ($vars as $key=>$data) { | |
| $value->{$key} = stripslashes_deep( $data ); | |
| } | |
| } else { | |
| $value = stripslashes($value); | |
| } | |
| return $value; | |
| } | |
| /** | |
| * Walks the array while sanitizing the contents. | |
| * | |
| * @since 0.71 | |
| * | |
| * @param array $array Array to used to walk while sanitizing contents. | |
| * @return array Sanitized $array. | |
| */ | |
| function add_magic_quotes( $array ) { | |
| foreach ( (array) $array as $k => $v ) { | |
| if ( is_array( $v ) ) { | |
| $array[$k] = add_magic_quotes( $v ); | |
| } else { | |
| $array[$k] = addslashes( $v ); | |
| } | |
| } | |
| return $array; | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment