/**
 * Filters content so that only allowed HTML elements, attributes and link
 * protocols survive.
 *
 * The input is passed through four normalisation passes in a fixed order
 * (NUL removal, JavaScript-entity handling, entity normalisation, then the
 * kses hook) before being split and checked against the allow-list, which
 * is itself run through wp_kses_array_lc() first. The 'javascript' protocol
 * is deliberately absent from the default protocol list and should not be
 * added for untrusted authors. Because the protocol list is a parameter
 * default, it applies only when the argument is omitted: an explicitly passed
 * array, including an empty one, is forwarded as-is to wp_kses_split().
 * Input must already be unslashed (magic quotes) before calling this.
 *
 * @param string $string            Content to filter.
 * @param array  $allowed_html      Allowed element names with their allowed attributes.
 * @param array  $allowed_protocols Optional. Link protocols to permit.
 * @return string Filtered content.
 */
function wp_kses($string, $allowed_html, $allowed_protocols = array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'feed', 'gopher', 'mailto'))
{
    // Inner-to-outer call order matches the original sequential passes.
    $normalized = wp_kses_normalize_entities(wp_kses_js_entities(wp_kses_no_null($string)));
    $hooked = wp_kses_hook($normalized);

    // Allow-list is normalised only after the content passes have run.
    $allowed_html_lc = wp_kses_array_lc($allowed_html);

    return wp_kses_split($hooked, $allowed_html_lc, $allowed_protocols);
}
/**
 * Filters content and keeps only allowable HTML elements.
 *
 * Guarantees that only the allowed element names, attribute names and
 * attribute values, plus sane HTML entities, remain in $string. The caller
 * must strip any magic-quotes slashes before calling this function.
 *
 * The default protocol list is 'http', 'https', 'ftp', 'ftps', 'mailto',
 * 'news', 'irc', 'gopher', 'nntp', 'feed' and 'telnet'. It covers the common
 * link protocols but intentionally omits 'javascript', which must not be
 * allowed for untrusted users. The default applies only when the argument is
 * omitted; an explicitly passed array (even an empty one) is used unchanged.
 *
 * Unlike older revisions, the allow-list is lower-cased before the kses hook
 * runs, and the hook receives the allow-list and protocol list as well.
 *
 * @since 1.0.0
 *
 * @param string $string            Content to filter through kses.
 * @param array  $allowed_html      List of allowed HTML elements.
 * @param array  $allowed_protocols Optional. Allowed protocols in links.
 * @return string Filtered content with only allowed HTML elements.
 */
function wp_kses($string, $allowed_html, $allowed_protocols = array('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet'))
{
    $content = wp_kses_no_null($string);
    $content = wp_kses_js_entities($content);
    $content = wp_kses_normalize_entities($content);

    // The hook needs the normalised allow-list, so lower-case it first.
    $allowed_html_lc = wp_kses_array_lc($allowed_html);
    $content = wp_kses_hook($content, $allowed_html_lc, $allowed_protocols);

    return wp_kses_split($content, $allowed_html_lc, $allowed_protocols);
}
/**
 * Filters content so that only allowed HTML elements, attribute names and
 * attribute values, plus sane HTML entities, remain in $string.
 *
 * Any slashes added by PHP's magic quotes must be removed before calling
 * this function. The four content passes run in a fixed order, then the
 * allow-list is normalised with wp_kses_array_lc() and the result is split
 * and filtered. The default protocol list intentionally omits 'javascript';
 * it applies only when the argument is omitted, so an explicitly passed array
 * (including an empty one) reaches wp_kses_split() unchanged.
 *
 * @param string $string            Content to filter.
 * @param array  $allowed_html      Allowed elements and their attributes.
 * @param array  $allowed_protocols Optional. Allowed link protocols.
 * @return string Filtered content.
 */
function wp_kses($string, $allowed_html, $allowed_protocols = array ('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'feed', 'gopher', 'mailto'))
{
    // Each pass consumes the previous pass's output; order is significant.
    $passes = array(
        'wp_kses_no_null',
        'wp_kses_js_entities',
        'wp_kses_normalize_entities',
        'wp_kses_hook',
    );

    $content = $string;
    foreach ($passes as $pass) {
        $content = $pass($content);
    }

    $allowed_html_lc = wp_kses_array_lc($allowed_html);

    return wp_kses_split($content, $allowed_html_lc, $allowed_protocols);
}
     * @global array $allowedposttags
     * @since 2.0.0
     */
    $allowedposttags = array('address' => array(), 'a' => array('href' => true, 'rel' => true, 'rev' => true, 'name' => true, 'target' => true), 'abbr' => array(), 'acronym' => array(), 'area' => array('alt' => true, 'coords' => true, 'href' => true, 'nohref' => true, 'shape' => true, 'target' => true), 'article' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'aside' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'audio' => array('autoplay' => true, 'controls' => true, 'loop' => true, 'muted' => true, 'preload' => true, 'src' => true), 'b' => array(), 'bdo' => array('dir' => true), 'big' => array(), 'blockquote' => array('cite' => true, 'lang' => true, 'xml:lang' => true), 'br' => array(), 'button' => array('disabled' => true, 'name' => true, 'type' => true, 'value' => true), 'caption' => array('align' => true), 'cite' => array('dir' => true, 'lang' => true), 'code' => array(), 'col' => array('align' => true, 'char' => true, 'charoff' => true, 'span' => true, 'dir' => true, 'valign' => true, 'width' => true), 'colgroup' => array('align' => true, 'char' => true, 'charoff' => true, 'span' => true, 'valign' => true, 'width' => true), 'del' => array('datetime' => true), 'dd' => array(), 'dfn' => array(), 'details' => array('align' => true, 'dir' => true, 'lang' => true, 'open' => true, 'xml:lang' => true), 'div' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'dl' => array(), 'dt' => array(), 'em' => array(), 'fieldset' => array(), 'figure' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'figcaption' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'font' => array('color' => true, 'face' => true, 'size' => true), 'footer' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'form' => array('action' => true, 'accept' => true, 'accept-charset' => true, 'enctype' => true, 'method' => true, 'name' => 
true, 'target' => true), 'h1' => array('align' => true), 'h2' => array('align' => true), 'h3' => array('align' => true), 'h4' => array('align' => true), 'h5' => array('align' => true), 'h6' => array('align' => true), 'header' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'hgroup' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'hr' => array('align' => true, 'noshade' => true, 'size' => true, 'width' => true), 'i' => array(), 'img' => array('alt' => true, 'align' => true, 'border' => true, 'height' => true, 'hspace' => true, 'longdesc' => true, 'vspace' => true, 'src' => true, 'usemap' => true, 'width' => true), 'ins' => array('datetime' => true, 'cite' => true), 'kbd' => array(), 'label' => array('for' => true), 'legend' => array('align' => true), 'li' => array('align' => true, 'value' => true), 'map' => array('name' => true), 'mark' => array(), 'menu' => array('type' => true), 'nav' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'p' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'pre' => array('width' => true), 'q' => array('cite' => true), 's' => array(), 'samp' => array(), 'span' => array('dir' => true, 'align' => true, 'lang' => true, 'xml:lang' => true), 'section' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'small' => array(), 'strike' => array(), 'strong' => array(), 'sub' => array(), 'summary' => array('align' => true, 'dir' => true, 'lang' => true, 'xml:lang' => true), 'sup' => array(), 'table' => array('align' => true, 'bgcolor' => true, 'border' => true, 'cellpadding' => true, 'cellspacing' => true, 'dir' => true, 'rules' => true, 'summary' => true, 'width' => true), 'tbody' => array('align' => true, 'char' => true, 'charoff' => true, 'valign' => true), 'td' => array('abbr' => true, 'align' => true, 'axis' => true, 'bgcolor' => true, 'char' => true, 'charoff' => true, 'colspan' => true, 'dir' => 
true, 'headers' => true, 'height' => true, 'nowrap' => true, 'rowspan' => true, 'scope' => true, 'valign' => true, 'width' => true), 'textarea' => array('cols' => true, 'rows' => true, 'disabled' => true, 'name' => true, 'readonly' => true), 'tfoot' => array('align' => true, 'char' => true, 'charoff' => true, 'valign' => true), 'th' => array('abbr' => true, 'align' => true, 'axis' => true, 'bgcolor' => true, 'char' => true, 'charoff' => true, 'colspan' => true, 'headers' => true, 'height' => true, 'nowrap' => true, 'rowspan' => true, 'scope' => true, 'valign' => true, 'width' => true), 'thead' => array('align' => true, 'char' => true, 'charoff' => true, 'valign' => true), 'title' => array(), 'tr' => array('align' => true, 'bgcolor' => true, 'char' => true, 'charoff' => true, 'valign' => true), 'track' => array('default' => true, 'kind' => true, 'label' => true, 'src' => true, 'srclang' => true), 'tt' => array(), 'u' => array(), 'ul' => array('type' => true), 'ol' => array('start' => true, 'type' => true), 'var' => array(), 'video' => array('autoplay' => true, 'controls' => true, 'height' => true, 'loop' => true, 'muted' => true, 'poster' => true, 'preload' => true, 'src' => true, 'width' => true));
    /**
     * Kses allowed HTML elements.
     *
     * @global array $allowedtags
     * @since 1.0.0
     */
    $allowedtags = array('a' => array('href' => true, 'title' => true), 'abbr' => array('title' => true), 'acronym' => array('title' => true), 'b' => array(), 'blockquote' => array('cite' => true), 'cite' => array(), 'code' => array(), 'del' => array('datetime' => true), 'em' => array(), 'i' => array(), 'q' => array('cite' => true), 's' => array(), 'strike' => array(), 'strong' => array());
    $allowedentitynames = array('nbsp', 'iexcl', 'cent', 'pound', 'curren', 'yen', 'brvbar', 'sect', 'uml', 'copy', 'ordf', 'laquo', 'not', 'shy', 'reg', 'macr', 'deg', 'plusmn', 'acute', 'micro', 'para', 'middot', 'cedil', 'ordm', 'raquo', 'iquest', 'Agrave', 'Aacute', 'Acirc', 'Atilde', 'Auml', 'Aring', 'AElig', 'Ccedil', 'Egrave', 'Eacute', 'Ecirc', 'Euml', 'Igrave', 'Iacute', 'Icirc', 'Iuml', 'ETH', 'Ntilde', 'Ograve', 'Oacute', 'Ocirc', 'Otilde', 'Ouml', 'times', 'Oslash', 'Ugrave', 'Uacute', 'Ucirc', 'Uuml', 'Yacute', 'THORN', 'szlig', 'agrave', 'aacute', 'acirc', 'atilde', 'auml', 'aring', 'aelig', 'ccedil', 'egrave', 'eacute', 'ecirc', 'euml', 'igrave', 'iacute', 'icirc', 'iuml', 'eth', 'ntilde', 'ograve', 'oacute', 'ocirc', 'otilde', 'ouml', 'divide', 'oslash', 'ugrave', 'uacute', 'ucirc', 'uuml', 'yacute', 'thorn', 'yuml', 'quot', 'amp', 'lt', 'gt', 'apos', 'OElig', 'oelig', 'Scaron', 'scaron', 'Yuml', 'circ', 'tilde', 'ensp', 'emsp', 'thinsp', 'zwnj', 'zwj', 'lrm', 'rlm', 'ndash', 'mdash', 'lsquo', 'rsquo', 'sbquo', 'ldquo', 'rdquo', 'bdquo', 'dagger', 'Dagger', 'permil', 'lsaquo', 'rsaquo', 'euro', 'fnof', 'Alpha', 'Beta', 'Gamma', 'Delta', 'Epsilon', 'Zeta', 'Eta', 'Theta', 'Iota', 'Kappa', 'Lambda', 'Mu', 'Nu', 'Xi', 'Omicron', 'Pi', 'Rho', 'Sigma', 'Tau', 'Upsilon', 'Phi', 'Chi', 'Psi', 'Omega', 'alpha', 'beta', 'gamma', 'delta', 'epsilon', 'zeta', 'eta', 'theta', 'iota', 'kappa', 'lambda', 'mu', 'nu', 'xi', 'omicron', 'pi', 'rho', 'sigmaf', 'sigma', 'tau', 'upsilon', 'phi', 'chi', 'psi', 'omega', 'thetasym', 'upsih', 'piv', 'bull', 'hellip', 'prime', 'Prime', 'oline', 'frasl', 'weierp', 'image', 'real', 'trade', 'alefsym', 'larr', 'uarr', 'rarr', 'darr', 'harr', 'crarr', 'lArr', 'uArr', 'rArr', 'dArr', 'hArr', 'forall', 'part', 'exist', 'empty', 'nabla', 'isin', 'notin', 'ni', 'prod', 'sum', 'minus', 'lowast', 'radic', 'prop', 'infin', 'ang', 'and', 'or', 'cap', 'cup', 'int', 'sim', 'cong', 'asymp', 'ne', 'equiv', 'le', 'ge', 'sub', 'sup', 'nsub', 
'sube', 'supe', 'oplus', 'otimes', 'perp', 'sdot', 'lceil', 'rceil', 'lfloor', 'rfloor', 'lang', 'rang', 'loz', 'spades', 'clubs', 'hearts', 'diams', 'sup1', 'sup2', 'sup3', 'frac14', 'frac12', 'frac34', 'there4');
    $allowedposttags = array_map('_wp_add_global_attributes', $allowedposttags);
} else {
    $allowedtags = wp_kses_array_lc($allowedtags);
    $allowedposttags = wp_kses_array_lc($allowedposttags);
}
/**
 * Filters content and keeps only allowable HTML elements.
 *
 * This function makes sure that only the allowed HTML element names, attribute
 * names and attribute values plus only sane HTML entities will occur in
 * $string. You have to remove any slashes from PHP's magic quotes before you
 * call this function.
 *
 * The default allowed protocols are 'http', 'https', 'ftp', 'mailto', 'news',
 * 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp' and 'svn'. This
 * covers all common link protocols, except for 'javascript', which should not
 * be allowed for untrusted users.
 *
 * @since 1.0.0
/**
 * Filters content and keeps only allowable HTML elements.
 *
 * Ensures that only the allowed element names, attribute names and attribute
 * values, plus sane HTML entities, remain in $string. Any magic-quotes
 * slashes must be stripped before calling this function.
 *
 * When $allowed_protocols is empty (the default), the list returned by
 * wp_allowed_protocols() is used instead. Consequently an empty array cannot
 * be used to mean "allow no protocols" — callers wanting a restricted set
 * must pass a non-empty list explicitly. The default list is documented as
 * covering the common link protocols while excluding 'javascript', which
 * should not be allowed for untrusted users; confirm the actual contents
 * against wp_allowed_protocols().
 *
 * The allow-list is lower-cased before the kses hook runs, and the hook
 * receives the allow-list and protocol list alongside the content.
 *
 * @since 1.0.0
 *
 * @param string $string            Content to filter through kses.
 * @param array  $allowed_html      List of allowed HTML elements.
 * @param array  $allowed_protocols Optional. Allowed protocols in links.
 * @return string Filtered content with only allowed HTML elements.
 */
function wp_kses($string, $allowed_html, $allowed_protocols = array())
{
    // A falsy argument (empty array) falls back to the global default list.
    $protocols = $allowed_protocols ?: wp_allowed_protocols();

    // Inner-to-outer order matches the original sequential passes.
    $content = wp_kses_normalize_entities(wp_kses_js_entities(wp_kses_no_null($string)));

    $allowed_html_lc = wp_kses_array_lc($allowed_html);
    $content = wp_kses_hook($content, $allowed_html_lc, $protocols);

    return wp_kses_split($content, $allowed_html_lc, $protocols);
}