sanitize_user

Sanitizes a username, stripping out unsafe characters.

Description

(string) sanitize_user( (string) $username, (bool) $strict = false ); 

If $strict is true, only alphanumeric characters (as well as _, space, ., -, @) are returned. Removes tags, octets, entities, and if strict is enabled, will remove all non-ASCII characters. After sanitizing, it passes the username, raw username (the username in the parameter), and the strict parameter as parameters for the filter.

Returns (string)

The sanitized username, after passing through filters.

Parameters (2)

0. $username (string)
The username to be sanitized.
1. $strict — Optional. (bool) => false
If set limits $username to specific characters. Default false.

Usage

  1. if ( !function_exists( 'sanitize_user' ) ) { 
  2. require_once ABSPATH . PLUGINDIR . 'buddypress/bp-forums/bbpress/bb-includes/backpress/functions.formatting.php'; 
  3.  
  4. // The username to be sanitized. 
  5. $username = ''; 
  6.  
  7. // If set limits $username to specific characters. Default false. 
  8. $strict = false; 
  9.  
  10. // NOTICE! Understand what this does before running. 
  11. $result = sanitize_user($username, $strict); 
  12.  

Defined (1)

The function is defined in the following location(s).

/bp-forums/bbpress/bb-includes/backpress/functions.formatting.php  
  1. function sanitize_user( $username, $strict = false ) { 
  2. $raw_username = $username; 
  3. $username = wp_strip_all_tags($username); 
  4. // Kill octets 
  5. $username = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $username); 
  6. $username = preg_replace('/&.+?;/', '', $username); // Kill entities 
  7.  
  8. // If strict, reduce to ASCII for max portability. 
  9. if ( $strict ) 
  10. $username = preg_replace('|[^a-z0-9 _.\-@]|i', '', $username); 
  11.  
  12. // Consolidate contiguous whitespace 
  13. $username = preg_replace('|\s+|', ' ', $username); 
  14.  
  15. return apply_filters('sanitize_user', $username, $raw_username, $strict);