Sanitzing user input with kses
-
I’m writing a plugin and need to sanitize user-supplied value for one of the options. The string can use some basic HTML tags and href can go to either http or https but that’s all. So I’m writing a custom callback based on OZH’s great article.
However all I can manage to get is the initial < being converted to an ampersand.
Code is next, can someone advise on what I should do differently?
Thanks!
function km_msg_filter($inp) { $allowed = array('a' => array(),'b' => array(),'strong' => array(),'i' => array(),'em' => array()); $prot = array('http','https'); $inp[0] = wp_kses($inp[0], $allowed, $prot); return $inp; }
Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
- The topic ‘Sanitzing user input with kses’ is closed to new replies.