Changeset 11692 for trunk/src/bp-xprofile/bp-xprofile-filters.php
- Timestamp:
- 09/09/2017 12:43:21 AM (8 years ago)
- File:
-
- 1 edited
-
trunk/src/bp-xprofile/bp-xprofile-filters.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/bp-xprofile/bp-xprofile-filters.php
r11447 r11692 169 169 } 170 170 171 // Value might be serialized. 171 // Force reserialization if serialized (avoids mutation, retains integrity) 172 if ( is_serialized( $field_value ) && ( false === $reserialize ) ) { 173 $reserialize = true; 174 } 175 176 // Value might be a serialized array of options. 172 177 $field_value = maybe_unserialize( $field_value ); 173 178 174 // Filter singlevalue.175 if ( ! is_array( $field_value ) ) {179 // Sanitize single field value. 180 if ( ! is_array( $field_value ) ) { 176 181 $kses_field_value = xprofile_filter_kses( $field_value, $data_obj ); 177 182 $filtered_field_value = wp_rel_nofollow( force_balance_tags( $kses_field_value ) ); … … 188 193 $filtered_field_value = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_field_value, $field_value, $data_obj ); 189 194 190 // Filter each array item independently.195 // Sanitize multiple individual option values. 191 196 } else { 192 197 $filtered_values = array(); 193 198 foreach ( (array) $field_value as $value ) { 194 $kses_field_value 195 $filtered_value 199 $kses_field_value = xprofile_filter_kses( $value, $data_obj ); 200 $filtered_value = wp_rel_nofollow( force_balance_tags( $kses_field_value ) ); 196 201 197 202 /** This filter is documented in bp-xprofile/bp-xprofile-filters.php */ 198 203 $filtered_values[] = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_value, $value, $data_obj ); 199 200 204 } 201 205
Note: See TracChangeset
for help on using the changeset viewer.