wp_kses_attr_check

Determine whether an attribute is allowed.

Description

wp_kses_attr_check( (string) &$name, (string) &$value, (string) &$whole, (string) $vless, (string) $element, (array) $allowed_html ); 

Parameters (6)

0. $name (string) => &$name
The attribute name. Returns empty string when not allowed.
1. $value (string) => &$value
The attribute value. Returns a filtered value.
2. $whole (string) => &$whole
The name=value input. Returns filtered input.
3. $vless (string)
'y' when attribute like enabled,, otherwise n..
4. $element (string)
The name of the element to which this attribute belongs.
5. $allowed_html (array)
The full list of allowed elements and attributes.

Usage

  1. if ( !function_exists( 'wp_kses_attr_check' ) ) { 
  2.     require_once ABSPATH . WPINC . '/kses.php'; 
  4.   
  5. // The attribute name. Returns empty string when not allowed. 
  6. $name = &$name; 
  7.   
  8. // The attribute value. Returns a filtered value. 
  9. $value = &$value; 
  10.   
  11. // The name=value input. Returns filtered input. 
  12. $whole = &$whole; 
  13.   
  14. // 'y' when attribute like "enabled", otherwise 'n'. 
  15. $vless = ''; 
  16.   
  17. // The name of the element to which this attribute belongs. 
  18. $element = ''; 
  19.   
  20. // The full list of allowed elements and attributes. 
  21. $allowed_html = array(); 
  22.   
  23. // NOTICE! Understand what this does before running. 
  24. $result = wp_kses_attr_check($name, $value, $whole, $vless, $element, $allowed_html); 
  25.     

Defined (1)

The function is defined in the following location(s).

/wp-includes/kses.php  
  1. function wp_kses_attr_check( &$name, &$value, &$whole, $vless, $element, $allowed_html ) { 
  2.     $allowed_attr = $allowed_html[strtolower( $element )]; 
  3.  
  4.     $name_low = strtolower( $name ); 
  5.     if ( ! isset( $allowed_attr[$name_low] ) || '' == $allowed_attr[$name_low] ) { 
  6.         $name = $value = $whole = ''; 
  7.         return false; 
  9.  
  10.     if ( 'style' == $name_low ) { 
  11.         $new_value = safecss_filter_attr( $value ); 
  12.  
  13.         if ( empty( $new_value ) ) { 
  14.             $name = $value = $whole = ''; 
  15.             return false; 
  17.  
  18.         $whole = str_replace( $value, $new_value, $whole ); 
  19.         $value = $new_value; 
  21.  
  22.     if ( is_array( $allowed_attr[$name_low] ) ) { 
  23.         // there are some checks 
  24.         foreach ( $allowed_attr[$name_low] as $currkey => $currval ) { 
  25.             if ( ! wp_kses_check_attr_val( $value, $vless, $currkey, $currval ) ) { 
  26.                 $name = $value = $whole = ''; 
  27.                 return false; 
  31.  
  32.     return true;