Sanitzing user input with kses | WordPress.org

Resolved billsaysthis
(@billsaysthis)

13 years, 12 months ago
I’m writing a plugin and need to sanitize user-supplied value for one of the options. The string can use some basic HTML tags and href can go to either http or https but that’s all. So I’m writing a custom callback based on OZH’s great article.

However all I can manage to get is the initial < being converted to an ampersand.

Code is next, can someone advise on what I should do differently?

Thanks!
```
function km_msg_filter($inp) {
  $allowed = array('a' => array(),'b' => array(),'strong' => array(),'i' => array(),'em' => array());
  $prot = array('http','https');
  $inp[0] = wp_kses($inp[0], $allowed, $prot);
  return $inp;
}
```

Viewing 2 replies - 1 through 2 (of 2 total)

Michael Fields
(@mfields)

13 years, 12 months ago

you are using $inp[0] instead of $inp in the following line:

$inp[0] = wp_kses($inp[0], $allowed, $prot);

Thread Starter billsaysthis
(@billsaysthis)

13 years, 12 months ago

Weird, thought I tried that originally–works now but didn’t previously.

Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Sanitzing user input with kses’ is closed to new replies.

In: Plugins
2 replies
2 participants
Last reply from: billsaysthis
Last activity: 13 years, 12 months ago
Status: resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics