/**
 * Censor and sanitise a raw search string.
 *
 * Steps, in order: URL-decode and unslash the input, blank out the configured
 * bad words, re-add slashes, then run the result through wp_kses_post().
 *
 * Security notes for callers:
 * - wp_kses_post() filters markup against the post-content allow-list; it does
 *   not escape. The return value can still carry allowed tags and quote
 *   characters, so escape it for the output context (esc_html(), esc_attr(),
 *   esc_url(), ...) wherever it is printed.
 * - The slashes added by addslashes_gpc() are not SQL escaping. Bind the value
 *   with $wpdb->prepare() when it is used in a query.
 * - Callbacks on the 'bsearch_clean_terms' filter run last and can replace the
 *   value, so the result is only as clean as the hooked code leaves it.
 *
 * NOTE(review): urldecode() decodes a second time if the caller passes a value
 * read from $_GET/$_REQUEST, which PHP has already decoded; percent-encoded
 * markup would then reappear before filtering. Confirm what callers pass in.
 * NOTE(review): wp_kses_post() is documented as expecting unslashed data but
 * receives the slashed string here. Confirm the ordering is intended.
 *
 * @since 1.0
 *
 * @param string $val Raw, untrusted search string.
 * @return string Censored, slashed and kses-filtered string (after filters).
 */
function bsearch_clean_terms($val)
{
    global $bsearch_settings;

    // Undo URL encoding and magic-quote style slashes before censoring.
    $raw = stripslashes(urldecode($val));

    // The bad-word setting is a comma-separated list; trim each entry.
    $blocked = array();
    foreach (explode(',', $bsearch_settings['badwords']) as $word) {
        $blocked[] = trim($word);
    }

    /**
     * Filters the character used to replace censored words.
     *
     * @since 2.1.0
     *
     * @param string $censorChar Replacement character, a single space by default.
     * @param string $val        Decoded, unslashed search string.
     */
    $replacement = apply_filters('bsearch_censor_char', ' ', $raw);

    $censored = bsearch_censor_string($raw, $blocked, $replacement);

    // Slash first, then filter markup: same order as the original code.
    $clean = wp_kses_post(addslashes_gpc($censored['clean']));

    /**
     * Filters the cleaned search string before it is returned.
     *
     * @since 2.0.0
     *
     * @param string $val Censored, slashed and kses-filtered string.
     */
    return apply_filters('bsearch_clean_terms', $clean);
}
Beispiel #2
/**
 * Censor configured bad words in a search string and filter its markup.
 *
 * Security notes for callers:
 * - wp_kses_post() filters markup against the post-content allow-list; it does
 *   not escape. The return value can still carry allowed tags and quote
 *   characters, so escape it for the output context (esc_html(), esc_attr(),
 *   ...) wherever it is printed.
 * - Nothing here prepares the value for SQL. Bind it with $wpdb->prepare()
 *   when it is used in a query.
 *
 * @param string $val Raw, untrusted search string.
 * @return string String with bad words blanked out and disallowed markup removed.
 */
function bsearch_clean_terms($val)
{
    global $bsearch_settings;

    // The bad-word setting is a comma-separated list; trim each entry.
    $blocked = array();
    foreach (explode(',', $bsearch_settings['badwords']) as $word) {
        $blocked[] = trim($word);
    }

    // Censored words are replaced with a single space.
    $censored = bsearch_censor_string($val, $blocked, ' ');

    return wp_kses_post($censored['clean']);
}