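/**
 * Sanitizes an xprofile field value before it is saved.
 *
 * A single value, or each item of an array value, is passed through
 * xprofile_filter_kses(), force_balance_tags() and wp_rel_nofollow(), and then
 * through the 'xprofile_filtered_data_value_before_save' filter.
 *
 * @param mixed $field_value Raw field value; may be a serialized array.
 * @param int   $field_id    Field ID. Not read by this function.
 * @param bool  $reserialize Whether to reserialize arrays before returning. Defaults to true.
 * @return mixed Empty input unchanged; otherwise the filter result for a single
 *               value, a serialized string of the filtered items, or (when
 *               $reserialize is false) the array of filtered items.
 */
function xprofile_sanitize_data_value_before_save($field_value, $field_id, $reserialize = true)
{
    // Hand empty input back unchanged. A bare `return;` yields null here, which
    // silently turns legitimate empty values such as '' or '0' into null.
    if (empty($field_value)) {
        return $field_value;
    }
    // Value might be serialized.
    // NOTE(review): maybe_unserialize() runs unserialize() on any string that
    // looks serialized. If $field_value can arrive straight from a submitted
    // form, a crafted serialized object would be instantiated here (PHP object
    // injection). Confirm that only data serialized by this code reaches this call.
    $field_value = maybe_unserialize($field_value);
    if (!is_array($field_value)) {
        // Single value: kses first, then balance tags, then add rel="nofollow".
        $kses_field_value = xprofile_filter_kses($field_value);
        $filtered_field_value = wp_rel_nofollow(force_balance_tags($kses_field_value));
        // The filter receives the sanitized value and the unserialized original.
        $filtered_field_value = apply_filters('xprofile_filtered_data_value_before_save', $filtered_field_value, $field_value);
    } else {
        // Array value: every item is sanitized and filtered on its own.
        // Keys are not preserved; the result is a re-indexed list.
        $filtered_values = array();
        foreach ((array) $field_value as $value) {
            $kses_field_value = xprofile_filter_kses($value);
            $filtered_value = wp_rel_nofollow(force_balance_tags($kses_field_value));
            $filtered_values[] = apply_filters('xprofile_filtered_data_value_before_save', $filtered_value, $value);
        }
        if ($reserialize) {
            $filtered_field_value = serialize($filtered_values);
        } else {
            $filtered_field_value = $filtered_values;
        }
    }
    return $filtered_field_value;
}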
Beispiel #2
 /**
  * Adds rel="nofollow" to the links in $content when the 'add_nofollow'
  * option is set to "on"; otherwise returns $content untouched.
  *
  * @param string $content Markup to process.
  * @return string
  */
 function auto_nofollow($content)
 {
     // Feature switched off: leave the content exactly as it came in.
     if (get_option('add_nofollow') != "on") {
         return $content;
     }
     // wp_rel_nofollow() hands back a slashed string, so the slashes are
     // stripped again before the markup is returned.
     $slashed = wp_rel_nofollow($content);
     return stripslashes($slashed);
 }
/**
 * Runs profile field data through kses, force_balance_tags() and
 * wp_rel_nofollow() before it is stored.
 *
 * @param string      $field_value Field value being sanitized. May be a serialized array.
 * @param int         $field_id    Field ID being sanitized. Not read by this function.
 * @param bool        $reserialize Whether to reserialize arrays before returning. Defaults to true.
 * @param object|null $data_obj    The BP_XProfile_ProfileData object.
 *
 * @return string|array Empty input is returned unchanged. Otherwise the filter
 *                      result for a single value, a serialized string of the
 *                      filtered items, or the array of filtered items when
 *                      $reserialize is empty.
 */
function xprofile_sanitize_data_value_before_save($field_value, $field_id = 0, $reserialize = true, $data_obj = null)
{
    // Nothing to sanitize: hand empty input straight back.
    if (empty($field_value)) {
        return $field_value;
    }

    // Value might be serialized.
    // NOTE(review): maybe_unserialize() runs unserialize() on any string that
    // looks serialized. If $field_value can arrive straight from a submitted
    // form, a crafted serialized object would be instantiated here (PHP object
    // injection). Confirm that only data serialized by this code reaches this call.
    $unpacked = maybe_unserialize($field_value);

    // Single value: sanitize once, filter, and return.
    if (!is_array($unpacked)) {
        $clean = wp_rel_nofollow(force_balance_tags(xprofile_filter_kses($unpacked, $data_obj)));

        /**
         * Filters the kses-filtered data before saving to database.
         *
         * @since 1.5.0
         *
         * @param string                  $filtered_field_value The filtered value.
         * @param string                  $field_value          The original value before filtering.
         * @param BP_XProfile_ProfileData $data_obj             The BP_XProfile_ProfileData object.
         */
        return apply_filters('xprofile_filtered_data_value_before_save', $clean, $unpacked, $data_obj);
    }

    // Array value: each item is sanitized and filtered independently.
    // Keys are dropped; the result is a re-indexed list.
    $clean_items = array();
    foreach ($unpacked as $item) {
        $clean_item = wp_rel_nofollow(force_balance_tags(xprofile_filter_kses($item, $data_obj)));

        /** This filter is documented in bp-xprofile/bp-xprofile-filters.php */
        $clean_items[] = apply_filters('xprofile_filtered_data_value_before_save', $clean_item, $item, $data_obj);
    }

    return !empty($reserialize) ? serialize($clean_items) : $clean_items;
}
/**
 * Adds rel="nofollow" to the links in the given markup.
 *
 * @param string $xhtml Markup to process.
 * @return string Markup after genesis_strip_attr(), wp_rel_nofollow() and stripslashes().
 */
function genesis_rel_nofollow($xhtml)
{
    // genesis_strip_attr() is pointed at the 'rel' attribute of 'a' elements
    // (presumably removing it, so the link ends up with a single rel value).
    $without_rel = genesis_strip_attr($xhtml, array('a'), array('rel'));
    // wp_rel_nofollow() hands back a slashed string; strip the slashes again.
    return stripslashes(wp_rel_nofollow($without_rel));
}
Beispiel #5
/**
 * Adds a rel="nofollow" attribute to the links within the string passed in.
 *
 * @since 1.0.0
 *
 * @uses genesis_strip_attr() Remove any existing rel attribute from links
 *
 * @param string $text HTML markup
 * @return string Amended HTML markup
 */
function genesis_rel_nofollow($text)
{
    // Existing rel attributes go first, so only the nofollow value remains.
    $stripped = genesis_strip_attr($text, 'a', 'rel');
    // wp_rel_nofollow() returns slashed markup; the slashes are removed
    // before the result leaves this function.
    $slashed = wp_rel_nofollow($stripped);
    return stripslashes($slashed);
}
</a>
		</div>
	</div>
	<hr>
	<div class="row">
		<div class="col-12">
			<div class="text-center album-thumbs">
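			<?php
// Render one lightbox thumbnail per photo in the album.
foreach ($fb_data['photos']['data'] as $pic) {
    // Caption: the photo's own name, else the name of whoever posted the album.
    $data_title = isset($pic['name']) ? $pic['name'] : $fb_data['from']['name'];
    // $pic['source'] and $pic['picture'] come from $fb_data (presumably a remote
    // API response), so both are passed through esc_url() before being written
    // into href/src. Echoing them raw would let a value containing a quote or a
    // javascript: URL break out of the attribute.
    // The caption is turned into link markup and then encoded as a whole by
    // esc_attr(), so it sits inside data-title as inert text.
    ?>
				<a class="road-trip" href="<?php echo esc_url($pic['source']); ?>" data-lightbox="roadtrip" data-title="<?php echo esc_attr(wp_rel_nofollow(make_clickable($data_title))); ?>">
					<img class="thumbnail" src="<?php echo esc_url($pic['picture']); ?>" />
				</a>
				<?php
}
?>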
			</div>
		</div>
	</div>
</div>
Beispiel #7
/**
 * Converts the text of every tweet in the list into HTML with clickable links.
 *
 * For a retweet the text on ->retweeted_status is rewritten; otherwise the
 * tweet's own ->text is. Tweets with neither are left untouched. The tweet
 * objects are modified in place and the list that was passed in is returned.
 *
 * @param array $tweets Tweet objects (anything foreach can iterate).
 * @return array The same list, with the text properties rewritten.
 */
function kebo_twitter_linkify($tweets)
{
    $options = kebo_get_twitter_options();
    foreach ($tweets as $tweet) {
        // Pick the object whose ->text and ->entities are processed: the
        // embedded original for a retweet, otherwise the tweet itself.
        if (!empty($tweet->retweeted_status)) {
            $status = $tweet->retweeted_status;
        } elseif (!empty($tweet->text)) {
            $status = $tweet;
        } else {
            continue;
        }

        // Check mb_ function compatibility and fall back to regex.
        if (function_exists('mb_strlen')) {
            // Convert entities into HTML links.
            $status->text = kebo_twitter_linkify_entities($status->text, $status->entities);
        } else {
            // NOTE(review): in this fallback the matched hashtag/mention text is
            // copied into the href as-is, without URL-encoding or attribute
            // escaping. Confirm the tweet text cannot carry quotes or markup
            // at this point.
            // Turn hashtags into HTML links.
            $status->text = preg_replace('/(#.+?)(?=[\\s.,:,]|$)/', '<a href="http://twitter.com/search?q=$1">$1</a>', $status->text);
            // Turn mentions into HTML links.
            $status->text = preg_replace('/(@.+?)(?=[\\s.,:,]|$)/', '<a href="http://www.twitter.com/$1">$1</a>', $status->text);
        }

        // Decode HTML chars like &#039; to '
        // NOTE(review): this also turns &lt; and &gt; back into raw angle
        // brackets. Nothing in this function escapes the text again, so confirm
        // that whatever prints it filters or escapes the markup.
        $status->text = htmlspecialchars_decode($status->text, ENT_QUOTES);

        // Convert any leftover text links (e.g. when images are uploaded and
        // Twitter adds a URL but no entity).
        $status->text = make_clickable($status->text);

        // NoFollow URLs. wp_rel_nofollow() returns a slashed string, hence the
        // stripslashes() around it.
        if ('nofollow' == $options['kebo_twitter_nofollow_links']) {
            $status->text = stripslashes(wp_rel_nofollow($status->text));
        }

        // Add target="_blank" to all links.
        $status->text = links_add_target($status->text, '_blank', array('a'));
    }
    return $tweets;
}
Beispiel #8
 /**
  * Applies the tag stripping and nofollow settings of a field to a submitted
  * value. Runs right before post insertion; the writer of the post is not
  * shown any errors.
  *
  * The value is returned without any tag filtering when 'strip_tags' is not
  * set, or is set to something other than 'all' or 'unsafe'.
  *
  * @access private
  *
  * @param string $value The string from which harmful tags are to be stripped.
  * @param array $field The settings array for this field.
  * @return string The stripped string
  **/
 private function sanitize($value, $field)
 {
     $mode = isset($field['strip_tags']) ? $field['strip_tags'] : null;
     // The two checks stay independent and loosely compared, as in the
     // settings handling they mirror.
     if ($mode == 'all') {
         // Remove every tag.
         $value = wp_strip_all_tags($value);
     }
     if ($mode == 'unsafe') {
         // Keep only what the allow-list from get_whitelist() permits.
         $value = wp_kses($value, $this->get_whitelist());
     }
     if (!empty($field['nofollow'])) {
         // wp_rel_nofollow() returns a slashed string; strip the slashes again.
         $value = stripslashes(wp_rel_nofollow($value));
     }
     return $value;
 }
 /**
  * wp_rel_nofollow() must return the expected markup in slashed form.
  *
  * @ticket 11360
  * @dataProvider data_wp_rel_nofollow
  */
 public function test_wp_rel_nofollow($input, $output)
 {
     // The expectation is slashed because wp_rel_nofollow() returns slashed data.
     $expected = wp_slash($output);
     $actual = wp_rel_nofollow($input);
     return $this->assertEquals($expected, $actual);
 }
Beispiel #10
                // Skip entries whose label is empty after trimming.
                if (!($_field_label = trim($_field_label))) {
                    continue;
                }
                // Empty.
                // Skip entries whose field name is empty after trimming.
                if (!($_field = trim($_field))) {
                    continue;
                }
                // Empty.
                $_field_value = get_user_field($_field, $_user->ID);
                // Non-empty arrays are flattened to a comma-separated string;
                // everything else is cast to string.
                if ($_field_value && is_array($_field_value)) {
                    $_field_value = implode(", ", $_field_value);
                } else {
                    $_field_value = (string) $_field_value;
                }
                $_field_label = esc_html($_field_label);
                // Order matters: the value is HTML-escaped first, then bare URLs
                // are turned into links and given rel="nofollow".
                // NOTE(review): wp_rel_nofollow() returns a slashed string (its
                // core test compares against wp_slash($output)) and nothing here
                // strips those slashes. Confirm the rendered links do not end
                // up with backslashes in them.
                $_field_value = wp_rel_nofollow(make_clickable(esc_html($_field_value)));
                if (is_numeric($_field_value) && strlen($_field_value) === 10) {
                    // Convert timestamps to a date string.
                    $_field_value = date_i18n(get_option("date_format") . " " . get_option("time_format"), (int) $_field_value, TRUE);
                }
                // Both filters run after the escaping above and receive
                // get_defined_vars(), i.e. every local variable in scope
                // (including $_user). Whatever a callback returns is what the
                // following code sees.
                $_field_label = apply_filters("ws_plugin__s2member_pro_sc_member_list_field_label", $_field_label, get_defined_vars());
                $_field_value = apply_filters("ws_plugin__s2member_pro_sc_member_list_field_value", $_field_value, get_defined_vars());
                ?>
										<?php 
                if ($_field_label && $_field_value) {
                    ?>
											<tr>
												<td>
													<span title="<?php 
                    echo esc_attr(strip_tags($_field_label));
                    ?>
 /**
  * An existing rel value is kept and "nofollow" is appended to it; the
  * returned markup is slashed.
  */
 public function test_convert_no_follow()
 {
     $this->assertEquals(
         '<p>This is some cool <a href=\\"/\\" rel=\\"weird nofollow\\">Code</a></p>',
         wp_rel_nofollow('<p>This is some cool <a href="/" rel="weird">Code</a></p>')
     );
 }
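/**
 * Normalises the submitted Wiki Embed options into the shape that is stored.
 *
 * Checkbox-style flags become 1 or 0, numeric settings fall back to a default
 * when they are missing or not numeric, and 'wiki-links' is restricted to a
 * fixed allow-list. Keys that are absent from the input are treated as unset
 * instead of being read directly.
 *
 * @param array $wikiembed_options Raw options, e.g. from the settings form.
 * @return array Options array with the keys 'tabs', 'accordians', 'style',
 *               'tabs-style', 'accordion-style', 'wiki-update', 'wiki-links',
 *               'wiki-links-new-page-email', 'default' and 'security'.
 */
function wikiembed_options_validate($wikiembed_options)
{
    // Nested groups: anything that is not an array is treated as empty.
    $default = isset($wikiembed_options['default']) && is_array($wikiembed_options['default'])
        ? $wikiembed_options['default']
        : array();
    $security = isset($wikiembed_options['security']) && is_array($wikiembed_options['security'])
        ? $wikiembed_options['security']
        : array();

    // Allow-list for the link behaviour. The comparison is strict so that a
    // non-string value (true, 0) cannot pass by loose equality and get stored.
    $link_modes = array("default", "overlay", "new-page");
    $wiki_links = isset($wikiembed_options['wiki-links']) ? $wikiembed_options['wiki-links'] : null;

    // NOTE(review): wp_rel_nofollow() only rewrites links and slashes its
    // result; it does not validate an e-mail address or filter markup. If these
    // two values are printed later, confirm they are validated or escaped there.
    $new_page_email = isset($wikiembed_options['wiki-links-new-page-email']) ? $wikiembed_options['wiki-links-new-page-email'] : '';
    $pre_source = isset($default['pre-source']) ? $default['pre-source'] : '';

    return array(
        'tabs' => isset($wikiembed_options['tabs']) && $wikiembed_options['tabs'] == 1 ? 1 : 0,
        // NOTE(review): read from 'accordions' but stored as 'accordians'.
        // Kept as-is because readers of the option may rely on the stored key; confirm.
        'accordians' => isset($wikiembed_options['accordions']) && $wikiembed_options['accordions'] == 1 ? 1 : 0,
        'style' => isset($wikiembed_options['style']) && $wikiembed_options['style'] == 1 ? 1 : 0,
        'tabs-style' => isset($wikiembed_options['tabs-style']) && $wikiembed_options['tabs-style'] == 1 ? 1 : 0,
        'accordion-style' => isset($wikiembed_options['accordion-style']) && $wikiembed_options['accordion-style'] == 1 ? 1 : 0,
        'wiki-update' => isset($wikiembed_options['wiki-update']) && is_numeric($wikiembed_options['wiki-update']) ? $wikiembed_options['wiki-update'] : "30",
        'wiki-links' => in_array($wiki_links, $link_modes, true) ? $wiki_links : "default",
        'wiki-links-new-page-email' => wp_rel_nofollow($new_page_email),
        'default' => array(
            'source' => isset($default['source']) && $default['source'] == 1 ? 1 : 0,
            'pre-source' => wp_rel_nofollow($pre_source),
            'no-contents' => isset($default['no-contents']) && $default['no-contents'] == 1 ? 1 : 0,
            // NOTE(review): 'no-edit' is filled from 'no-infobox' and vice versa.
            // This looks like a swapped pair; left unchanged until the form
            // and the readers of these flags have been checked.
            'no-edit' => isset($default['no-infobox']) && $default['no-infobox'] == 1 ? 1 : 0,
            'no-infobox' => isset($default['no-edit']) && $default['no-edit'] == 1 ? 1 : 0,
            'tabs' => isset($default['tabs']) && is_numeric($default['tabs']) ? $default['tabs'] : "0",
        ),
        'security' => array(
            // Only trimmed here; the list itself is not validated.
            'whitelist' => isset($security['whitelist']) ? trim($security['whitelist']) : null,
        ),
    );
}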
Beispiel #13
 /**
  * preg_replace_callback() handler that makes sure a matched tag carries
  * "nofollow" in its rel attribute.
  *
  * @param array $matches Regex matches; only $matches[0] (the full match) is used.
  * @return string The rewritten tag.
  */
 function _add_nofollow_callback($matches)
 {
     $tag = $matches[0];
     // Append " nofollow" to an existing rel attribute, whatever its quoting.
     // A rel that already contains nofollow gets the word a second time.
     $rewritten = preg_replace("| rel=([\"\\']??)([^\"\\'>]*?)\\1|siU", ' rel="$2 nofollow"', $tag);
     if ($rewritten !== $tag) {
         return $rewritten;
     }
     // Nothing changed, so there was no rel attribute to extend: let
     // wp_rel_nofollow() add one and strip the slashes it puts on its result.
     return stripslashes(wp_rel_nofollow($rewritten));
 }