/**
 * Sanitize a group description with wp_kses() and a group-specific allow-list.
 *
 * The allow-list starts from wp_kses_allowed_html( 'buddypress-groups' ), gains
 * `class` on <a>, a fixed attribute set on <img> and a bare <code> element, and
 * is then passed through the `bp_groups_filter_kses` filter.
 *
 * Security note: the list actually enforced is whatever that filter returns, so
 * any callback hooked on `bp_groups_filter_kses` can widen what survives.
 *
 * @since BuddyPress (1.1.0)
 *
 * @param string $content Markup to sanitize.
 * @return string Result of wp_kses() applied to $content.
 */
function bp_groups_filter_kses($content = '')
{
    // No early return for empty content: wp_kses() still fires filters such as
    // `pre_kses` that other code may depend on.
    $group_tags = wp_kses_allowed_html('buddypress-groups');

    $group_tags['a']['class'] = array();

    // Replaces any <img> entry that came from the base list.
    $group_tags['img'] = array(
        'src'    => array(),
        'alt'    => array(),
        'class'  => array(),
        'width'  => array(),
        'height' => array(),
        'id'     => array(),
    );
    $group_tags['code'] = array();

    /**
     * Filter the elements and attributes allowed in group descriptions.
     *
     * @since BuddyPress (1.1.0)
     *
     * @param array $group_tags Allowed tags and attributes, kses format.
     */
    $final_tags = apply_filters('bp_groups_filter_kses', $group_tags);

    return wp_kses($content, $final_tags);
}
/**
 * Build a breadcrumb, routing every value through the set_ methods.
 *
 * When no URL is given the template is stored as the anchorless template after
 * being passed through the `bcn_breadcrumb_template_no_anchor` filter and
 * wp_kses() with the allow-list kept in $this->allowed_html.
 *
 * Security note: that allow-list is wp_kses_allowed_html( 'post' ) as modified
 * by the `bcn_allowed_html` filter, so hooked callbacks decide what is kept.
 *
 * @param string $title    (optional) The title of the breadcrumb
 * @param string $template (optional) The html template for the breadcrumb
 * @param array  $type     (optional) The breadcrumb type(s)
 * @param string $url      (optional) The url the breadcrumb links to
 * @param mixed  $id       (optional) Resource id, handed to set_id()
 */
public function __construct($title = '', $template = '', array $type = array(), $url = NULL, $id = NULL)
{
    $this->allowed_html = apply_filters('bcn_allowed_html', wp_kses_allowed_html('post'));
    $this->type = $type;
    $this->set_id($id);
    $this->set_title($title);

    // Loose comparison on purpose: true for both '' and NULL.
    $unlinked = ($url == NULL);

    // A default template is also forced when the URL is exactly '' (strict),
    // even if the caller supplied a template.
    if ($template == NULL || $url === '') {
        $template = $unlinked
            ? __('<span typeof="v:Breadcrumb"><span property="v:title">%htitle%</span></span>', 'breadcrumb-navxt')
            : __('<span typeof="v:Breadcrumb"><a rel="v:url" property="v:title" title="Go to %title%." href="%link%" class="%type%">%htitle%</a></span>', 'breadcrumb-navxt');
    }

    if ($unlinked) {
        $candidate = apply_filters('bcn_breadcrumb_template_no_anchor', $template, $this->type, $this->id);
        $this->template_no_anchor = wp_kses($candidate, $this->allowed_html);
    } else {
        $this->set_template($template);
    }

    // set_url() receives the URL last; the original notes it is NULL when unlinked.
    $this->set_url($url);
}
/**
 * Build a breadcrumb, routing every value through the set_ methods.
 *
 * A caller-supplied template is used as the linked template only when a URL is
 * present; without a URL it becomes the anchorless template (after the
 * `bcn_breadcrumb_template_no_anchor` filter and wp_kses()), and the linked
 * template falls back to the class default.
 *
 * Security note: the kses allow-list is wp_kses_allowed_html( 'post' ) as
 * modified by the `bcn_allowed_html` filter.
 *
 * @param string $title    (optional) The title of the breadcrumb
 * @param string $template (optional) The html template for the breadcrumb
 * @param array  $type     (optional) The breadcrumb type(s)
 * @param string $url      (optional) The url the breadcrumb links to
 * @param mixed  $id       (optional) Resource id, handed to set_id()
 */
public function __construct($title = '', $template = '', array $type = array(), $url = '', $id = NULL)
{
    $this->allowed_html = apply_filters('bcn_allowed_html', wp_kses_allowed_html('post'));
    $this->type = $type;
    $this->set_id($id);
    $this->set_title($title);

    // Start from the class-level anchorless default.
    $this->template_no_anchor = bcn_breadcrumb::default_template_no_anchor;

    $has_template = ($template != NULL);
    // Loose comparison on purpose: false for both '' and NULL.
    $has_url = ($url != NULL);

    if ($has_template && !$has_url) {
        $candidate = apply_filters('bcn_breadcrumb_template_no_anchor', $template, $this->type, $this->id);
        $this->template_no_anchor = wp_kses($candidate, $this->allowed_html);
    }

    if ($has_template && $has_url) {
        $this->set_template($template);
    } else {
        $this->set_template(bcn_breadcrumb::get_default_template());
    }

    // set_url() receives the URL last; the original notes it is NULL when unlinked.
    $this->set_url($url);
}
/**
 * Merge element data with the section defaults and normalise it for rendering.
 *
 * Security note: string values are passed through wp_kses() only when the
 * current user lacks `unfiltered_html`; users with that capability keep raw
 * markup. Arrays other than the five-item linked/unlinked groups are left
 * untouched by this method.
 *
 * @param array $data    Element data; `elements` is created when missing.
 * @param mixed $section Object providing getDefaults().
 * @return array Normalised data.
 */
private function formatData($data, $section)
{
    if (!isset($data['elements'])) {
        $data['elements'] = array();
    }

    $data = wp_parse_args($data, $section->getDefaults());

    // `id` is reserved elsewhere, so render methods read it from `custom_id`.
    if (isset($data['custom_id'])) {
        $data['id'] = $data['custom_id'];
    }

    foreach ($data as $name => $value) {
        $is_link_group = is_array($value)
            && count($value) == 5
            && ($value[4] == 'linked' || $value[4] == 'unlinked');

        if ($is_link_group) {
            // The trailing flag moves to its own key; the four values are escaped.
            $data[$name . '_linked'] = array_pop($value);
            $data[$name] = array_map('esc_html', array($value[0], $value[1], $value[2], $value[3]));
        } elseif ($value === true) {
            $data[$name] = 'true';
        } elseif ($value === false) {
            $data[$name] = 'false';
        } elseif (is_string($value) && !current_user_can('unfiltered_html')) {
            $data[$name] = wp_kses($value, wp_kses_allowed_html('post'));
        }
    }

    return $data;
}
/**
 * Filter popup content with the post allow-list extended by <input> and <iframe>.
 *
 * Security note: <iframe> is kept with a `src` attribute, so sanitized content
 * can still embed third-party pages; treat the result as trusted-author HTML
 * rather than as safe for arbitrary visitors' input.
 *
 * @param string $sgPopupData Raw popup markup.
 * @return string Markup after wp_kses().
 */
public static function sgPopupDataSanitize($sgPopupData)
{
    $inputAttributes  = array('name', 'class', 'id', 'placeholder', 'title', 'value', 'type');
    $iframeAttributes = array('name', 'class', 'id', 'title', 'src', 'height', 'width');

    $allowList = wp_kses_allowed_html('post');
    $allowList['input']  = array_fill_keys($inputAttributes, true);
    $allowList['iframe'] = array_fill_keys($iframeAttributes, true);

    return wp_kses($sgPopupData, $allowList);
}
/**
 * Build a breadcrumb, routing every value through the set_ methods.
 *
 * NOTE(review): this is a PHP 4 style constructor (method named after the
 * class, presumably `bcn_breadcrumb`); PHP 8 no longer treats such methods as
 * constructors — confirm how the class is instantiated.
 *
 * Security note: the anchorless template is filtered with wp_kses() against
 * wp_kses_allowed_html( 'post' ) as modified by the `bcn_allowed_html` filter.
 *
 * @param string $title    (optional) The title of the breadcrumb
 * @param string $template (optional) The html template for the breadcrumb
 * @param string $type     (optional) The breadcrumb type
 * @param string $url      (optional) The url the breadcrumb links to
 * @param mixed  $id       (optional) Resource id, handed to set_id()
 */
public function bcn_breadcrumb($title = '', $template = '', $type = '', $url = NULL, $id = NULL)
{
    $this->allowed_html = apply_filters('bcn_allowed_html', wp_kses_allowed_html('post'));
    $this->type = $type;
    $this->set_id($id);
    $this->set_title($title);

    // Loose comparison on purpose: true for both '' and NULL.
    $unlinked = ($url == NULL);

    if ($template == NULL) {
        if ($unlinked) {
            // The unlinked default is also written straight to $this->template.
            $plain = __('%htitle%', 'breadcrumb-navxt');
            $this->template = $plain;
            $template = $plain;
        } else {
            $template = __('<a title="Go to %ftitle%." href="%link%" class="%type%">%htitle%</a>', 'breadcrumb-navxt');
        }
    }

    if ($unlinked) {
        $this->template_no_anchor = wp_kses($template, $this->allowed_html);
    } else {
        $this->set_template($template);
    }

    // set_url() receives the URL last; the original notes it is NULL when unlinked.
    $this->set_url($url);
}
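/**
 * Sanitize an editor field submitted through $_POST.
 *
 * The value is read from `$_POST['wppf-' . $field['id']]`, not from $new, and
 * filtered with wp_kses() against wp_kses_allowed_html( 'post' ) as modified by
 * the `wppf_editor_field_allowed_html` filter. A missing or non-string
 * submission yields an empty string instead of reaching wp_kses().
 *
 * NOTE(review): no nonce or capability check happens here — presumably the
 * caller verifies the request; confirm. WordPress adds slashes to $_POST, so
 * the returned string is still slashed; verify that the storage call expects
 * that.
 *
 * @param mixed $new     Unused; kept for the sanitizer signature.
 * @param mixed $old     Unused; kept for the sanitizer signature.
 * @param int   $post_id Unused; kept for the sanitizer signature.
 * @param array $field   Field definition; `id` selects the $_POST key.
 *
 * @return string
 */
static function value($new, $old, $post_id, $field)
{
    $the_field_id = 'wppf-' . $field['id'];

    // Array-valued or absent input must not be handed to wp_kses().
    if (!isset($_POST[$the_field_id]) || !is_string($_POST[$the_field_id])) {
        return '';
    }

    $allowed_html = apply_filters('wppf_editor_field_allowed_html', wp_kses_allowed_html('post'));

    return wp_kses($_POST[$the_field_id], $allowed_html);
}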
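/**
 * Create a feedback post from submitted parameters and notify the admin.
 *
 * Title, content and name are filtered with wp_kses() using the default
 * wp_kses_allowed_html() context. When no title is given, the first 150
 * characters of the description are used, with an ellipsis only if the
 * description was actually longer. The e-mail address goes through
 * sanitize_email() before it is stored. Nothing further happens when the post
 * cannot be inserted.
 *
 * NOTE(review): $params looks like visitor-supplied form data; rate limiting
 * and nonce checks are not visible here — confirm they happen in the caller.
 *
 * @param array $params Keys read: title, description, email, name, type.
 * @return void
 */
public function create_feedback($params)
{
    $content = isset($params['description']) ? (string) $params['description'] : '';

    if (!empty($params['title'])) {
        $title = $params['title'];
    } else {
        // Multibyte-aware cut so a character is never split in half.
        $title = mb_substr($content, 0, 150) . (mb_strlen($content) <= 150 ? '' : "…");
    }

    $id = wp_insert_post(array(
        'post_type'    => FEEDBACK,
        'post_title'   => wp_kses(apply_filters('un_feedback_title', $title, $params), wp_kses_allowed_html()),
        'post_content' => wp_kses(apply_filters('un_feedback_content', $content, $params), wp_kses_allowed_html()),
        'post_status'  => un_get_option(UN_PUBLISH_DIRECTLY) ? 'publish' : 'pending',
        'post_author'  => 0,
    ));

    // wp_insert_post() returns 0 on failure; do not attach meta to a missing post.
    if (!$id || is_wp_error($id)) {
        return;
    }

    $email = isset($params['email']) ? sanitize_email(trim($params['email'])) : '';
    if ($email) {
        add_post_meta($id, '_email', $email);
    }

    if (is_user_logged_in()) {
        add_post_meta($id, '_author', get_current_user_id());
    }

    if (isset($params['name']) && trim($params['name'])) {
        add_post_meta($id, '_name', wp_kses(trim($params['name']), wp_kses_allowed_html()));
    }

    wp_set_post_terms($id, isset($params['type']) ? $params['type'] : '', FEEDBACK_TYPE);
    do_action('un_feedback_created', $id, $params);
    $this->send_admin_message($id, $params);
}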
/**
 * Build a breadcrumb, routing every value through the set_ methods.
 *
 * Without a URL the template is stored as the anchorless template after the
 * `bcn_breadcrumb_template_no_anchor` filter and wp_kses(); with a URL it is
 * handed to set_template().
 *
 * Security note: the kses allow-list is wp_kses_allowed_html( 'post' ) as
 * modified by the `bcn_allowed_html` filter.
 *
 * @param string $title    (optional) The title of the breadcrumb
 * @param string $template (optional) The html template for the breadcrumb
 * @param string $type     (optional) The breadcrumb type
 * @param string $url      (optional) The url the breadcrumb links to
 * @param mixed  $id       (optional) Resource id, handed to set_id()
 */
public function __construct($title = '', $template = '', $type = '', $url = NULL, $id = NULL)
{
    $this->allowed_html = apply_filters('bcn_allowed_html', wp_kses_allowed_html('post'));
    $this->type = $type;
    $this->set_id($id);
    $this->set_title($title);

    // Loose comparison on purpose: true for both '' and NULL.
    $unlinked = ($url == NULL);

    if ($template == NULL) {
        $template = $unlinked
            ? __('<span typeof="v:Breadcrumb"><span property="v:title">%htitle%</span></span>', 'breadcrumb-navxt')
            : __('<span typeof="v:Breadcrumb"><a rel="v:url" property="v:title" title="Go to %title%." href="%link%" class="%type%">%htitle%</a></span>', 'breadcrumb-navxt');
    }

    if ($unlinked) {
        $candidate = apply_filters('bcn_breadcrumb_template_no_anchor', $template, $this->type, $this->id);
        $this->template_no_anchor = wp_kses($candidate, $this->allowed_html);
    } else {
        $this->set_template($template);
    }

    // set_url() receives the URL last; the original notes it is NULL when unlinked.
    $this->set_url($url);
}
/**
 * Strip markup a post would not normally accept, then defer to the parent.
 *
 * Users holding `unfiltered_html` bypass the wp_kses() pass entirely; everyone
 * else has the value cast to string and filtered with the `post` allow-list.
 *
 * @param string $value
 * @return string Whatever parent::prepare_for_set() returns.
 */
function prepare_for_set($value)
{
    $may_store_raw_html = current_user_can('unfiltered_html');

    if ($may_store_raw_html) {
        return parent::prepare_for_set($value);
    }

    $filtered = wp_kses((string) $value, wp_kses_allowed_html('post'));

    return parent::prepare_for_set($filtered);
}
/**
 * Build, configure and render a pagination in one call.
 *
 * The echoed output is filtered with wp_kses() and the `post` allow-list; the
 * returned output (when $echo is false) is NOT filtered, so callers that print
 * it themselves are responsible for escaping.
 *
 * @param string $pagination The pagination type, one of: Posts, Post, Comments, Custom.
 * @param array  $args       Configuration options to modify the pagination settings.
 * @param bool   $echo       True prints the output, false returns it.
 * @return string|void The unfiltered markup when $echo is false.
 */
function carbon_pagination($pagination, $args = array(), $echo = true)
{
    $markup = Carbon_Pagination_Presenter::display($pagination, $args, false);

    if ($echo) {
        echo wp_kses($markup, wp_kses_allowed_html('post'));
        return;
    }

    return $markup;
}
/**
 * Run the parent sanitization, then filter the content for untrusted editors.
 *
 * The content is kept unfiltered only on a single-site install for a user with
 * `manage_options`; on multisite, or for any other user, it is passed through
 * wp_kses() with the `post` allow-list.
 *
 * @return void
 */
public function sanitize_settings()
{
    parent::sanitize_settings();

    $may_keep_raw_html = !is_multisite() && current_user_can('manage_options');
    if ($may_keep_raw_html) {
        return;
    }

    $this->content = wp_kses($this->content, wp_kses_allowed_html('post'));
}
/**
 * Filter content with the post allow-list plus <input> and <script>.
 *
 * Security note: this list keeps <script> elements (with `type` and `src`) and
 * the `onblur` / `onfocus` handler attributes on <input>, so the returned
 * markup can still carry executable JavaScript. It is not an XSS barrier and
 * should only be applied to content written by trusted administrators.
 *
 * The extra entries are merged with the array union operator, so an element
 * already present in the post allow-list keeps its existing attribute set.
 *
 * @param string $content Raw markup.
 * @return string Markup after wp_kses().
 */
function phn_sanitize_content($content)
{
    $extra_elements = array(
        'input'  => array(
            'name'    => array(),
            'id'      => array(),
            'value'   => array(),
            'class'   => array(),
            'type'    => array(),
            'onblur'  => array(),
            'onfocus' => array(),
        ),
        'script' => array(
            'type' => array(),
            'src'  => array(),
        ),
    );

    // Left operand wins on duplicate keys.
    $allow_list = wp_kses_allowed_html('post') + $extra_elements;

    return wp_kses($content, $allow_list);
}
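/**
 * Filter output with the post allow-list, or with a configured replacement.
 *
 * When the `iwt_options` option holds a `contentelements` JSON string that
 * decodes to an array, that array replaces the default allow-list. A missing
 * option, a non-array option, or JSON that does not decode to an array leaves
 * the `post` defaults in place.
 *
 * Security note: the allow-list comes from stored configuration, so anyone able
 * to write `iwt_options` decides which elements and attributes survive.
 *
 * @param mixed $content Value to sanitize; cast to string.
 * @return string Markup after wp_kses().
 */
public static function sanitize_output($content)
{
    $allowed = wp_kses_allowed_html('post');
    $options = get_option('iwt_options');

    // get_option() returns false when the option does not exist.
    if (is_array($options) && isset($options['contentelements']) && is_string($options['contentelements'])) {
        $raw = $options['contentelements'];

        // Same acceptance test as before (`{}` counts, `[]` and `null` do not).
        if (json_decode($raw) != null) {
            $configured = json_decode($raw, true);
            // Only an array is a usable kses allow-list.
            if (is_array($configured)) {
                $allowed = $configured;
            }
        }
    }

    return wp_kses((string) $content, $allowed);
}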
/**
 * Display the admin notices.
 *
 * NOTE(review): $notices is never assigned in this method, so the guard below
 * always returns and nothing is printed. The source of the notices is not
 * visible here — confirm which property or filter was meant to populate it.
 *
 * @return void
 */
public function admin_notices()
{
    if (empty($notices)) {
        return;
    }

    foreach ($notices as $notice) {
        // Class goes into an attribute, message into element content.
        printf(
            '<div class="%s"> <p>%s</p> </div>',
            esc_attr($notice['type']),
            wp_kses($notice['message'], wp_kses_allowed_html('post'))
        );
    }
}
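/**
 * Display the admin notices held in $this->notices.
 *
 * The notice type is escaped with esc_attr() because it lands inside a `class`
 * attribute; the message is filtered with wp_kses() and the `post` allow-list
 * so that limited markup is kept.
 *
 * @return void
 */
public function admin_notices()
{
    if (empty($this->notices)) {
        return;
    }

    foreach ($this->notices as $notice) {
        echo '<div class="' . esc_attr($notice['msg_type']) . '"> <p>' . wp_kses($notice['msg'], wp_kses_allowed_html('post')) . '</p> </div>';
    }
}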
/**
 * Sanitize the widget settings on save and register the translatable strings.
 *
 * Each field gets a sanitizer matching its use: plain text for the title, a
 * storage-safe URL for the image, a key for the alignment, and post-level
 * markup (wp_kses with the `post` allow-list) for the about text.
 *
 * @param array $new_instance Submitted settings.
 * @param array $old_instance Previously stored settings; used as the base.
 * @return array Settings to store.
 */
function update($new_instance, $old_instance)
{
    $title = sanitize_text_field($new_instance['ci_title']);
    $image = esc_url_raw($new_instance['ci_image']);
    $align = sanitize_key($new_instance['ci_align']);
    $about = wp_kses($new_instance['ci_about'], wp_kses_allowed_html('post'));

    $instance = $old_instance;
    $instance['ci_title'] = $title;
    $instance['ci_image'] = $image;
    $instance['ci_align'] = $align;
    $instance['ci_about'] = $about;

    ci_register_string_translation('About Me - Title', $title, 'Widgets');
    ci_register_string_translation('About Me - Text', $about, 'Widgets');

    return $instance;
}
/**
 * Check that the `post` kses allow-list carries the extra attributes.
 *
 * Asserts that `data-toggle` is allowed on <a> and `data-category` on <div>
 * in the list returned by wp_kses_allowed_html( 'post' ).
 *
 * @since 1.0.0
 *
 * @return void
 */
public function test_add_allowed_html()
{
    $post_allow_list = wp_kses_allowed_html('post');

    // Anchors must accept `data-toggle`.
    $this->assertTrue(isset($post_allow_list['a']['data-toggle']));

    // Divs must accept `data-category`.
    $this->assertTrue(isset($post_allow_list['div']['data-category']));
}
/**
 * Filter markup with the post allow-list extended by <link> and <style>.
 *
 * Falls back to the $allowedposttags global when wp_kses_allowed_html() is not
 * available.
 *
 * Security note: <style> and <link> are kept, so sanitized markup can still
 * restyle the page or pull in an external resource; NOTE(review): wp_kses()
 * filters elements and attributes, not the CSS text inside <style> — confirm
 * the input only ever comes from trusted authors.
 *
 * @param string $html Raw markup.
 * @return string Markup after wp_kses().
 */
public static function kses_html($html)
{
    $extra_elements = array(
        'link'  => array('href' => true, 'rel' => true, 'type' => true),
        'style' => array('type' => true),
    );

    if (!function_exists('wp_kses_allowed_html')) {
        global $allowedposttags;
        $base_elements = $allowedposttags;
    } else {
        $base_elements = wp_kses_allowed_html('post');
    }

    // array_merge(): the extra entries replace same-named base entries.
    return wp_kses($html, array_merge($base_elements, $extra_elements));
}
/**
 * Sanitize rich-text editor content.
 *
 * Both branches filter the content: users with `unfiltered_html` get wp_kses()
 * with the `post` allow-list, everyone else goes through
 * wp_filter_post_kses(), which expects slashed input and is therefore wrapped
 * in addslashes() / stripslashes().
 *
 * @param string $content Editor content.
 * @return string Filtered content; '' when the input is exactly ''.
 */
function pix_sanitize_editor($content)
{
    if ('' === $content) {
        return '';
    }

    if (!current_user_can('unfiltered_html')) {
        $slashed  = addslashes($content);
        $filtered = wp_filter_post_kses($slashed);

        return stripslashes($filtered);
    }

    return wp_kses($content, wp_kses_allowed_html('post'));
}
/**
 * Display the admin notices.
 *
 * Notices come from self::$notices after the `woocommerce_pos_admin_notices`
 * filter. The type is escaped for its attribute context and the message is
 * filtered with wp_kses() and the `post` allow-list.
 *
 * @return void
 */
public function admin_notices()
{
    $notices = apply_filters('woocommerce_pos_admin_notices', self::$notices);

    if (empty($notices)) {
        return;
    }

    foreach ($notices as $notice) {
        printf(
            '<div class="%s"> <p>%s</p> </div>',
            esc_attr($notice['type']),
            wp_kses($notice['message'], wp_kses_allowed_html('post'))
        );
    }
}
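/**
 * Shortcode callback printing the current year, optionally as a range.
 *
 * Shortcode attributes are author-controlled, so each one is neutralised for
 * the place it is printed: `before` / `after` are limited to post-level markup
 * with wp_kses_post(), `first` is escaped as text, and `wrap` is used as an
 * element name only when it is a key of the `post` kses allow-list (strict
 * lookup). Attributes are read explicitly instead of via extract().
 *
 * Security note: the `wpsight_year_shortcode` filter receives the final markup
 * and may replace it; callbacks must return safe HTML.
 *
 * @param array|string $atts Shortcode attributes: before, after, first, wrap.
 * @return string Shortcode output after the `wpsight_year_shortcode` filter.
 */
function wpsight_year_shortcode($atts)
{
    $defaults = array('before' => '© ', 'after' => '', 'first' => '', 'wrap' => 'span');
    $args = shortcode_atts($defaults, $atts);

    $before = wp_kses_post((string) $args['before']);
    $after  = wp_kses_post((string) $args['after']);
    $first  = $args['first'];
    $wrap   = $args['wrap'];

    $this_year  = date('Y');
    $first_year = (!empty($first) && $first != $this_year) ? esc_html($first) . ' – ' : '';

    $output = $before . $first_year . $this_year . $after;

    // Optionally wrap the output; only known element names are accepted.
    $allowed = wp_kses_allowed_html('post');
    if (is_string($wrap) && !empty($wrap) && $wrap !== 'false' && isset($allowed[$wrap])) {
        $output = sprintf('<%2$s class="the-year">%1$s</%2$s>', $output, $wrap);
    }

    return apply_filters('wpsight_year_shortcode', $output, $atts);
}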
/**
 * Validate the given data, assuming it is from a textarea field.
 *
 * The `post` allow-list is extended with <iframe>, <object> and <embed>, and
 * with <script> when the field id is one of get_script_supported_fields().
 *
 * Security note: the embed elements keep a `src` attribute, and for the
 * script-enabled fields the <script> element itself is kept. NOTE(review):
 * wp_kses() filters elements and attributes, not the text inside <script>, so
 * those fields can store executable code — confirm only administrators can
 * save them.
 *
 * @access public
 * @since 6.0.0
 * @param string $v Submitted value.
 * @param mixed  $k Field definition; `id` is read when it is an array.
 * @return string Value after wp_kses().
 */
public function validate_field_textarea($v, $k)
{
    $embed_attributes = array('src' => true, 'width' => true, 'height' => true, 'id' => true, 'class' => true, 'name' => true);

    $allowed = wp_kses_allowed_html('post');
    foreach (array('iframe', 'object', 'embed') as $element) {
        $allowed[$element] = $embed_attributes;
    }

    $is_script_field = is_array($k)
        && isset($k['id'])
        && in_array($k['id'], $this->get_script_supported_fields());

    if ($is_script_field) {
        $allowed['script'] = array('type' => true, 'id' => true, 'class' => true);
    }

    return wp_kses($v, $allowed);
}
/**
 * Run the parent sanitization, then sanitize the next-button settings.
 *
 * The image URL and type have all tags stripped; the button text keeps
 * post-level markup via wp_kses(); conditional logic, when present as an
 * array, is handed to sanitize_settings_conditional_logic().
 *
 * @return void
 */
public function sanitize_settings()
{
    parent::sanitize_settings();

    if (!$this->nextButton) {
        return;
    }

    $this->nextButton['imageUrl'] = wp_strip_all_tags($this->nextButton['imageUrl']);
    $this->nextButton['text']     = wp_kses($this->nextButton['text'], wp_kses_allowed_html('post'));
    $this->nextButton['type']     = wp_strip_all_tags($this->nextButton['type']);

    $has_logic = isset($this->nextButton['conditionalLogic'])
        && is_array($this->nextButton['conditionalLogic']);

    if ($has_logic) {
        $this->nextButton['conditionalLogic'] = $this->sanitize_settings_conditional_logic($this->nextButton['conditionalLogic']);
    }
}
/**
 * Callback for Voce_Settings_API that prints a dropdown of pages.
 *
 * Prints a hint with a "create a new page" link when no pages exist;
 * otherwise prints the dropdown, the optional description (filtered with
 * wp_kses() and the default allow-list) and a "Create new page" link. URLs are
 * passed through esc_url().
 *
 * NOTE(review): the translated strings are printed without escaping; that is
 * only safe as long as the translation files are trusted.
 *
 * @param mixed $value        Value of the setting (not read here).
 * @param mixed $setting      Setting object; get_field_name() and setting_key are read.
 * @param array $setting_args Args from the setting; `description` is optional.
 * @return void
 */
function eventbrite_venue_page_settings_cb($value, $setting, $setting_args)
{
    $pages_select = wp_dropdown_pages(array(
        'echo'              => false,
        'name'              => esc_attr($setting->get_field_name()),
        'show_option_none'  => __('— Select —', 'eventbrite-parent'),
        'option_none_value' => '0',
        'selected'          => get_eventbrite_setting($setting->setting_key, '0'),
    ));

    if (!$pages_select) {
        $no_pages_format = __("You don't have any published pages. To use this feature <a href='%s'>create a new page</a> then come back here and update this.", 'eventbrite-parent') . '</p>';
        echo '<p>' . sprintf($no_pages_format, esc_url(admin_url('post-new.php?post_type=page')));
        return;
    }

    printf('<div class="page-select">%s</div>', $pages_select);

    if (!empty($setting_args['description'])) {
        printf('<span class="description">%s</span>', wp_kses($setting_args['description'], wp_kses_allowed_html()));
    }

    printf(
        '<p><a href="%1$s">%2$s</a></p>',
        esc_url(admin_url('post-new.php?post_type=page')),
        __('Create new page', 'eventbrite-parent')
    );
}
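/**
 * Shortcode callback printing an icon element, optionally wrapped.
 *
 * Shortcode attributes are author-controlled and several land inside HTML
 * attributes, so each one is neutralised for its context: `type`, `class` and
 * `size` go through esc_attr(), `before` / `after` are limited to post-level
 * markup with wp_kses_post(), and `wrap` is used as an element name only when
 * it is a key of the `post` kses allow-list (strict lookup). Attributes are
 * read explicitly instead of via extract().
 *
 * Security note: the `wpsight_icon_shortcode` filter receives the final markup
 * and may replace it; callbacks must return safe HTML.
 *
 * @param array|string $atts Shortcode attributes: type, class, size, before, after, wrap.
 * @return string Shortcode output after the `wpsight_icon_shortcode` filter.
 */
function wpsight_icon_shortcode($atts)
{
    $defaults = array('type' => 'thumbs-up', 'class' => '', 'size' => '', 'before' => '', 'after' => '', 'wrap' => 'span');
    $args = shortcode_atts($defaults, $atts);

    // Replace icon- just in case, then escape for the class attribute.
    $type  = esc_attr(str_replace('icon-', '', (string) $args['type']));
    $class = esc_attr((string) $args['class']);

    $before = wp_kses_post((string) $args['before']);
    $after  = wp_kses_post((string) $args['after']);
    $wrap   = $args['wrap'];

    // The size ends up inside a style attribute on the wrapper.
    $size = !empty($args['size']) ? ' style="font-size:' . esc_attr((string) $args['size']) . '"' : '';

    $output = sprintf('%1$s<i class="icon-%3$s %4$s"></i>%2$s', $before, $after, $type, $class);

    // Optionally wrap the output; only known element names are accepted.
    $allowed = wp_kses_allowed_html('post');
    if (is_string($wrap) && !empty($wrap) && $wrap !== 'false' && isset($allowed[$wrap])) {
        $output = sprintf('<%2$s class="wpsight-icon-sc"%3$s>%1$s</%2$s>', $output, $wrap, $size);
    }

    return apply_filters('wpsight_icon_shortcode', $output, $atts);
}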
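/**
 * Print the cell content for a custom column of the transaction list.
 *
 * Values are escaped for the context they are printed in: the permalink with
 * esc_url(), titles and plain values with esc_html(), and the formatted price
 * with wp_kses() so that limited markup is kept. Missing keys in the stored
 * object print nothing instead of raising notices.
 *
 * SECURITY NOTE(review): the `object` meta value is decoded with
 * unserialize(). If that meta can ever be influenced by an untrusted party,
 * unserialize() may instantiate arbitrary classes (PHP object injection).
 * Consider storing the data as an array or JSON, or passing
 * array('allowed_classes' => false); the call is left unchanged here so that
 * existing records keep loading.
 *
 * @access public
 * @param string $column Column key being rendered.
 * @return void
 */
public static function custom_columns_manage($column)
{
    $transaction_id = get_the_ID();
    $raw_object     = get_post_meta($transaction_id, REALIA_TRANSACTION_PREFIX . 'object', true);
    $object_id      = get_post_meta($transaction_id, REALIA_TRANSACTION_PREFIX . 'object_id', true);
    $payment_type   = get_post_meta($transaction_id, REALIA_TRANSACTION_PREFIX . 'payment_type', true);

    // See the security note above before touching this call.
    $object = (is_string($raw_object) && $raw_object !== '') ? unserialize($raw_object) : $raw_object;
    if (!is_array($object)) {
        // Missing or corrupt meta: render empty cells.
        $object = array();
    }

    switch ($column) {
        case 'price':
            $price = isset($object['price_formatted']) ? $object['price_formatted'] : '';
            echo wp_kses($price, wp_kses_allowed_html('post'));
            break;
        case 'id':
            echo $transaction_id;
            break;
        case 'object':
            echo sprintf('<a href="%s">%s</a>', esc_url(get_permalink($object_id)), esc_html(get_the_title($object_id)));
            break;
        case 'success':
            if (isset($object['success']) && $object['success'] == 'true') {
                echo '<div class="dashicons-before dashicons-yes green"></div>';
            } else {
                echo '<div class="dashicons-before dashicons-no red"></div>';
            }
            break;
        case 'type':
            switch ($payment_type) {
                case 'pay_for_featured':
                    echo __('Feature property', 'realia');
                    break;
                case 'sticky_post':
                    echo __('Sticky post', 'realia');
                    break;
                case 'pay_per_post':
                    echo __('Pay per post', 'realia');
                    break;
                case 'package':
                    echo __('Package', 'realia');
                    break;
                default:
                    echo esc_html($payment_type);
                    break;
            }
            break;
        case 'gateway':
            // Printed as element text, hence esc_html().
            echo esc_html(isset($object['gateway']) ? $object['gateway'] : '');
            break;
    }
}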
/**
 * Store the site-wide custom styling settings submitted through $_POST.
 *
 * The "external" markup is filtered with the plugin's own allow-list
 * (H5AB_Custom_Styling::$h5ab_custom_styling_kses), the styling block with the
 * `post` allow-list, and the theme name is stripped of tags and passed through
 * sanitize_text_field().
 *
 * NOTE(review): no nonce or capability check is visible in this function —
 * confirm the caller verifies both before invoking it. update_option() also
 * returns false when the stored value is unchanged, so "could not be saved"
 * is reported for a resubmission of identical settings.
 *
 * @return array{success: bool, message: string}
 */
function h5ab_custom_styling_site()
{
    $post_allow_list = wp_kses_allowed_html('post');

    $external = null;
    if (isset($_POST['h5ab-whole-site-custom-external'])) {
        $external = $_POST['h5ab-whole-site-custom-external'];
    }
    // Single quotes are normalised to double quotes before filtering.
    $external = str_replace("'", '"', $external);

    $styling = null;
    if (isset($_POST['h5ab-whole-site-custom-styling'])) {
        $styling = $_POST['h5ab-whole-site-custom-styling'];
    }

    $external_clean = wp_kses(stripslashes($external), H5AB_Custom_Styling::$h5ab_custom_styling_kses);
    $styling_clean  = wp_kses(stripslashes($styling), $post_allow_list);

    $theme = null;
    if (isset($_POST['h5ab-css-custom-theme'])) {
        $theme = trim(strip_tags($_POST['h5ab-css-custom-theme']));
    }

    $saved_external = update_option('h5abCustomExternal', $external_clean);
    $saved_styling  = update_option('h5abCustomStyling', $styling_clean);
    $saved_theme    = update_option('h5abCustomStylingTheme', sanitize_text_field($theme));

    // Success means at least one option actually changed.
    $success = ($saved_external || $saved_styling || $saved_theme) ? true : false;

    if ($success) {
        $message = 'Settings successfully saved';
    } else {
        $message = 'Settings could not be saved';
    }

    return array('success' => $success, 'message' => esc_attr($message));
}
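/**
 * Handle a subscription cancellation submitted with the post form.
 *
 * Runs only when `orbis_subscription_cancel` is present in the POST data and
 * the accompanying nonce verifies. Sets the cancel date on the subscription
 * row and records a comment; the optional free-text note is filtered with
 * wp_kses_post() before it is appended.
 *
 * The nonce is read raw and type-checked instead of using the deprecated
 * FILTER_SANITIZE_STRING; wp_kses_post() takes a single argument, so the
 * second argument previously passed to it had no effect and is dropped.
 *
 * NOTE(review): the nonce guards against forged requests, but no capability
 * check (e.g. on editing this post) is visible here — confirm the hook
 * context enforces it.
 *
 * @param int $post_id Post being saved.
 * @return void
 */
public function save_post($post_id)
{
    global $wpdb;

    if (!filter_has_var(INPUT_POST, 'orbis_subscription_cancel')) {
        return;
    }

    // filter_input() yields null/false for missing or array-valued input.
    $nonce = filter_input(INPUT_POST, 'orbis_subscription_cancel_nonce', FILTER_UNSAFE_RAW);
    if (!is_string($nonce) || !wp_verify_nonce($nonce, 'orbis_subscription_cancel')) {
        return;
    }

    $wpdb->update(
        $wpdb->orbis_subscriptions,
        array('cancel_date' => current_time('mysql')),
        array('post_id' => $post_id),
        array('%s'),
        array('%d')
    );

    // Comment
    $user = wp_get_current_user();
    $comment_content = sprintf(
        __("This subscription is just '%s' by %s.", 'orbis_subscriptions'),
        __('canceled', 'orbis_subscriptions'),
        $user->display_name
    );

    $raw_note = filter_input(INPUT_POST, 'orbis_subscription_cancel_content', FILTER_UNSAFE_RAW);
    $content  = wp_kses_post(is_string($raw_note) ? $raw_note : '');

    if (!empty($content)) {
        $comment_content .= "\r\n\r\n";
        $comment_content .= $content;
    }

    wp_insert_comment(array(
        'comment_post_ID' => $post_id,
        'comment_content' => $comment_content,
        'comment_author'  => 'Orbis',
        'comment_type'    => 'orbis_comment',
    ));
}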
/**
 * Filter text for HTML output while keeping a chosen set of tags.
 *
 * Unlike `esc_html`, this keeps a subset of tags, which makes it usable for
 * strings that must carry some HTML (such as translated text). Filtering is
 * done by wp_kses() with an allow-list built from `$allowedtags`.
 *
 * Allowed tags can be given in two forms, which may be mixed:
 *
 * - Verbose kses form, `[ 'element' => array( 'attr' => true ) ]`. These
 *   entries are used exactly as given.
 * - Concise form, `[ 'element', 'otherelement' ]` or a comma separated string.
 *   Attributes are taken from {@see wp_kses_allowed_html} for `$context`; a
 *   tag that is not in that list is allowed with no attributes.
 *
 * For example:
 *
 *     whitelist_html( __( 'Hello <a href="http://example.com">World!</a>' ), 'a' );
 *
 * strips every tag except `a` and keeps the default attributes on it.
 *
 * With the blank (default) context the attribute defaults are those of
 * {@see $allowedtags}; pass `'post'` as `$context` to use the post list.
 * Entries that are neither strings nor kses-style arrays are reported through
 * _doing_it_wrong() and skipped.
 *
 * Security note: the `whitelist_html` filter receives the sanitized string and
 * may replace it, so hooked callbacks must return HTML that is safe to print.
 *
 * @link https://www.tollmanz.com/wp-kses-performance/
 *
 * @param string       $text        Content to filter.
 * @param array|string $allowedtags Allowed tags, see description.
 * @param string       $context     kses context to use, {@see wp_kses_allowed_html}.
 * @return string Filtered string for output into HTML context.
 */
function whitelist_html($text, $allowedtags = array(), $context = '')
{
    $context_defaults = wp_kses_allowed_html($context);

    // A comma separated string becomes a list of trimmed tag names.
    if (is_string($allowedtags)) {
        $allowedtags = array_map('trim', explode(',', $allowedtags));
    }

    $allow_list = array();
    foreach ($allowedtags as $name => $entry) {
        if (is_string($name) && is_array($entry)) {
            // Verbose form: the key is the tag, the value its attributes.
            $allow_list[$name] = $entry;
        } elseif (is_string($entry)) {
            // Concise form: borrow the attributes from the context defaults.
            $allow_list[$entry] = isset($context_defaults[$entry]) ? $context_defaults[$entry] : array();
        } else {
            _doing_it_wrong('whitelist_html', '$allowedtags must consist of strings or kses-style arrays');
        }
    }

    $sanitized = wp_kses($text, $allow_list);

    /**
     * Filter a string to be output into HTML, allowing some tags
     *
     * @param string $sanitized   The text after it has been filtered.
     * @param string $text        The text before it has been filtered.
     * @param array  $allowedtags Tags requested to whitelist.
     * @param string $context     kses context that supplied the defaults.
     */
    return apply_filters('whitelist_html', $sanitized, $text, $allowedtags, $context);
}