eventespresso /
event-espresso-core
| @@ 157-189 (lines=33) @@ | ||
| 154 | */ |
|
| 155 | public static function sanitize_attributes(array $attributes, $custom_sanitization = array()) |
|
| 156 | { |
|
| 157 | foreach ($attributes as $key => $value) { |
|
| 158 | // is a custom sanitization callback specified ? |
|
| 159 | if ( isset($custom_sanitization[$key])) { |
|
| 160 | $callback = $custom_sanitization[$key]; |
|
| 161 | if ($callback === 'skip_sanitization') { |
|
| 162 | $attributes[$key] = $value; |
|
| 163 | continue; |
|
| 164 | } else if (function_exists($callback)){ |
|
| 165 | $attributes[$key] = $callback($value); |
|
| 166 | continue; |
|
| 167 | } |
|
| 168 | } |
|
| 169 | switch (true) { |
|
| 170 | case $value === null : |
|
| 171 | case is_int($value) : |
|
| 172 | case is_float($value) : |
|
| 173 | // typical booleans |
|
| 174 | case in_array($value, array(true, 'true', '1', 'on', 'yes', false, 'false', '0', 'off', 'no'), true) : |
|
| 175 | $attributes[$key] = $value; |
|
| 176 | break; |
|
| 177 | case is_string($value) : |
|
| 178 | $attributes[$key] = sanitize_text_field($value); |
|
| 179 | break; |
|
| 180 | case is_array($value) : |
|
| 181 | $attributes[$key] = \EES_Shortcode::sanitize_attributes($value); |
|
| 182 | break; |
|
| 183 | default : |
|
| 184 | // only remaining data types are Object and Resource |
|
| 185 | // which are not allowed as shortcode attributes |
|
| 186 | $attributes[$key] = null; |
|
| 187 | break; |
|
| 188 | } |
|
| 189 | } |
|
| 190 | return $attributes; |
|
| 191 | } |
|
| 192 | ||
| @@ 153-185 (lines=33) @@ | ||
| 150 | private function sanitizeAttributes(array $attributes) |
|
| 151 | { |
|
| 152 | $custom_sanitization = $this->customAttributeSanitizationMap(); |
|
| 153 | foreach ($attributes as $key => $value) { |
|
| 154 | // is a custom sanitization callback specified ? |
|
| 155 | if (isset($custom_sanitization[$key])) { |
|
| 156 | $callback = $custom_sanitization[$key]; |
|
| 157 | if ($callback === 'skip_sanitization') { |
|
| 158 | $attributes[$key] = $value; |
|
| 159 | continue; |
|
| 160 | } else if (function_exists($callback)) { |
|
| 161 | $attributes[$key] = $callback($value); |
|
| 162 | continue; |
|
| 163 | } |
|
| 164 | } |
|
| 165 | switch (true) { |
|
| 166 | case $value === null : |
|
| 167 | case is_int($value) : |
|
| 168 | case is_float($value) : |
|
| 169 | // typical booleans |
|
| 170 | case in_array($value, array(true, 'true', '1', 'on', 'yes', false, 'false', '0', 'off', 'no'), true) : |
|
| 171 | $attributes[$key] = $value; |
|
| 172 | break; |
|
| 173 | case is_string($value) : |
|
| 174 | $attributes[$key] = sanitize_text_field($value); |
|
| 175 | break; |
|
| 176 | case is_array($value) : |
|
| 177 | $attributes[$key] = $this->sanitizeAttributes($value); |
|
| 178 | break; |
|
| 179 | default : |
|
| 180 | // only remaining data types are Object and Resource |
|
| 181 | // which are not allowed as shortcode attributes |
|
| 182 | $attributes[$key] = null; |
|
| 183 | break; |
|
| 184 | } |
|
| 185 | } |
|
| 186 | return $attributes; |
|
| 187 | } |
|
| 188 | ||
