/inc/includes/class-options-sanitize.php

  1. <?php 
  2.  
  3. /** 
  4. * Sanitization for text input 
  5. * 
  6. * @link http://developer.wordpress.org/reference/functions/sanitize_text_field/ 
  7. */ 
  8. add_filter( 'of_sanitize_text', 'sanitize_text_field' ); 
  9.  
  10. /** 
  11. * Sanitization for password input 
  12. * 
  13. * @link http://developer.wordpress.org/reference/functions/sanitize_text_field/ 
  14. */ 
  15. add_filter( 'of_sanitize_password', 'sanitize_text_field' ); 
  16.  
  17. /** 
  18. * Sanitization for select input 
  19. * 
  20. * Validates that the selected option is a valid option. 
  21. */ 
  22. add_filter( 'of_sanitize_select', 'of_sanitize_enum', 10, 2 ); 
  23.  
  24. /** 
  25. * Sanitization for radio input 
  26. * 
  27. * Validates that the selected option is a valid option. 
  28. */ 
  29. add_filter( 'of_sanitize_radio', 'of_sanitize_enum', 10, 2 ); 
  30.  
  31. /** 
  32. * Sanitization for image selector 
  33. * 
  34. * Validates that the selected option is a valid option. 
  35. */ 
  36. add_filter( 'of_sanitize_images', 'of_sanitize_enum', 10, 2 ); 
  37.  
  38. /** 
  39. * Sanitization for textarea field 
  40. * 
  41. * @param $input string 
  42. * @return $output sanitized string 
  43. */ 
  44. function of_sanitize_textarea( $input ) { 
  45. global $allowedposttags; 
  46. $output = wp_kses( $input, $allowedposttags ); 
  47. return $output; 
  48. add_filter( 'of_sanitize_textarea', 'of_sanitize_textarea' ); 
  49.  
  50. /** 
  51. * Sanitization for checkbox input 
  52. * 
  53. * @param $input string (1 or empty) checkbox state 
  54. * @return $output '1' or false 
  55. */ 
  56. function of_sanitize_checkbox( $input ) { 
  57. if ( $input ) { 
  58. $output = '1'; 
  59. } else { 
  60. $output = false; 
  61. return $output; 
  62. add_filter( 'of_sanitize_checkbox', 'of_sanitize_checkbox' ); 
  63.  
  64. /** 
  65. * Sanitization for multicheck 
  66. * 
  67. * @param array of checkbox values 
  68. * @return array of sanitized values ('1' or false) 
  69. */ 
  70. function of_sanitize_multicheck( $input, $option ) { 
  71. $output = ''; 
  72. if ( is_array( $input ) ) { 
  73. foreach( $option['options'] as $key => $value ) { 
  74. $output[$key] = false; 
  75. foreach( $input as $key => $value ) { 
  76. if ( array_key_exists( $key, $option['options'] ) && $value ) { 
  77. $output[$key] = '1'; 
  78. return $output; 
  79. add_filter( 'of_sanitize_multicheck', 'of_sanitize_multicheck', 10, 2 ); 
  80.  
  81. /** 
  82. * File upload sanitization. 
  83. * 
  84. * Returns a sanitized filepath if it has a valid extension. 
  85. * 
  86. * @param string $input filepath 
  87. * @returns string $output filepath 
  88. */ 
  89. function of_sanitize_upload( $input ) { 
  90. $output = ''; 
  91. $filetype = wp_check_filetype( $input ); 
  92. if ( $filetype["ext"] ) { 
  93. $output = esc_url( $input ); 
  94. return $output; 
  95. add_filter( 'of_sanitize_upload', 'of_sanitize_upload' ); 
  96.  
  97. /** 
  98. * Sanitization for editor input. 
  99. * 
  100. * Returns unfiltered HTML if user has permissions. 
  101. * 
  102. * @param string $input 
  103. * @returns string $output 
  104. */ 
  105. function of_sanitize_editor( $input ) { 
  106. if ( current_user_can( 'unfiltered_html' ) ) { 
  107. $output = $input; 
  108. else { 
  109. global $allowedposttags; 
  110. $output = wpautop( wp_kses( $input, $allowedposttags ) ); 
  111. return $output; 
  112. add_filter( 'of_sanitize_editor', 'of_sanitize_editor' ); 
  113.  
  114. /** 
  115. * Sanitization of input with allowed tags and wpautotop. 
  116. * 
  117. * Allows allowed tags in html input and ensures tags close properly. 
  118. * 
  119. * @param string $input 
  120. * @returns string $output 
  121. */ 
  122. function of_sanitize_allowedtags( $input ) { 
  123. global $allowedtags; 
  124. $output = wpautop( wp_kses( $input, $allowedtags ) ); 
  125. return $output; 
  126.  
  127. /** 
  128. * Sanitization of input with allowed post tags and wpautotop. 
  129. * 
  130. * Allows allowed post tags in html input and ensures tags close properly. 
  131. * 
  132. * @param string $input 
  133. * @returns string $output 
  134. */ 
  135. function of_sanitize_allowedposttags( $input ) { 
  136. global $allowedposttags; 
  137. $output = wpautop( wp_kses( $input, $allowedposttags) ); 
  138. return $output; 
  139.  
  140. /** 
  141. * Validates that the $input is one of the avilable choices 
  142. * for that specific option. 
  143. * 
  144. * @param string $input 
  145. * @returns string $output 
  146. */ 
  147. function of_sanitize_enum( $input, $option ) { 
  148. $output = ''; 
  149. if ( array_key_exists( $input, $option['options'] ) ) { 
  150. $output = $input; 
  151. return $output; 
  152.  
  153. /** 
  154. * Sanitization for background option. 
  155.   
  156. * 
  157. * @returns array $output 
  158. */ 
  159. function of_sanitize_background( $input ) { 
  160.  
  161. $output = wp_parse_args( $input, array( 
  162. 'color' => '',  
  163. 'image' => '',  
  164. 'repeat' => 'repeat',  
  165. 'position' => 'top center',  
  166. 'attachment' => 'scroll' 
  167. ) ); 
  168.  
  169. $output['color'] = apply_filters( 'of_sanitize_hex', $input['color'] ); 
  170. $output['image'] = apply_filters( 'of_sanitize_upload', $input['image'] ); 
  171. $output['repeat'] = apply_filters( 'of_background_repeat', $input['repeat'] ); 
  172. $output['position'] = apply_filters( 'of_background_position', $input['position'] ); 
  173. $output['attachment'] = apply_filters( 'of_background_attachment', $input['attachment'] ); 
  174.  
  175. return $output; 
  176. add_filter( 'of_sanitize_background', 'of_sanitize_background' ); 
  177.  
  178. /** 
  179. * Sanitization for background repeat 
  180. * 
  181. * @returns string $value if it is valid 
  182. */ 
  183. function of_sanitize_background_repeat( $value ) { 
  184. $recognized = of_recognized_background_repeat(); 
  185. if ( array_key_exists( $value, $recognized ) ) { 
  186. return $value; 
  187. return apply_filters( 'of_default_background_repeat', current( $recognized ) ); 
  188. add_filter( 'of_background_repeat', 'of_sanitize_background_repeat' ); 
  189.  
  190. /** 
  191. * Sanitization for background position 
  192. * 
  193. * @returns string $value if it is valid 
  194. */ 
  195. function of_sanitize_background_position( $value ) { 
  196. $recognized = of_recognized_background_position(); 
  197. if ( array_key_exists( $value, $recognized ) ) { 
  198. return $value; 
  199. return apply_filters( 'of_default_background_position', current( $recognized ) ); 
  200. add_filter( 'of_background_position', 'of_sanitize_background_position' ); 
  201.  
  202. /** 
  203. * Sanitization for background attachment 
  204. * 
  205. * @returns string $value if it is valid 
  206. */ 
  207. function of_sanitize_background_attachment( $value ) { 
  208. $recognized = of_recognized_background_attachment(); 
  209. if ( array_key_exists( $value, $recognized ) ) { 
  210. return $value; 
  211. return apply_filters( 'of_default_background_attachment', current( $recognized ) ); 
  212. add_filter( 'of_background_attachment', 'of_sanitize_background_attachment' ); 
  213.  
  214. /** 
  215. * Sanitization for typography option. 
  216. */ 
  217. function of_sanitize_typography( $input, $option ) { 
  218.  
  219. $output = wp_parse_args( $input, array( 
  220. 'size' => '',  
  221. 'face' => '',  
  222. 'style' => '',  
  223. 'color' => '' 
  224. ) ); 
  225.  
  226. if ( isset( $option['options']['faces'] ) && isset( $input['face'] ) ) { 
  227. if ( !( array_key_exists( $input['face'], $option['options']['faces'] ) ) ) { 
  228. $output['face'] = ''; 
  229. else { 
  230. $output['face'] = apply_filters( 'of_font_face', $output['face'] ); 
  231.  
  232. $output['size'] = apply_filters( 'of_font_size', $output['size'] ); 
  233. $output['style'] = apply_filters( 'of_font_style', $output['style'] ); 
  234. $output['color'] = apply_filters( 'of_sanitize_color', $output['color'] ); 
  235. return $output; 
  236. add_filter( 'of_sanitize_typography', 'of_sanitize_typography', 10, 2 ); 
  237.  
  238. /** 
  239. * Sanitization for font size 
  240. */ 
  241. function of_sanitize_font_size( $value ) { 
  242. $recognized = of_recognized_font_sizes(); 
  243. $value_check = preg_replace('/px/', '', $value); 
  244. if ( in_array( (int) $value_check, $recognized ) ) { 
  245. return $value; 
  246. return apply_filters( 'of_default_font_size', $recognized ); 
  247. add_filter( 'of_font_size', 'of_sanitize_font_size' ); 
  248.  
  249. /** 
  250. * Sanitization for font style 
  251. */ 
  252. function of_sanitize_font_style( $value ) { 
  253. $recognized = of_recognized_font_styles(); 
  254. if ( array_key_exists( $value, $recognized ) ) { 
  255. return $value; 
  256. return apply_filters( 'of_default_font_style', current( $recognized ) ); 
  257. add_filter( 'of_font_style', 'of_sanitize_font_style' ); 
  258.  
  259. /** 
  260. * Sanitization for font face 
  261. */ 
  262. function of_sanitize_font_face( $value ) { 
  263. $recognized = of_recognized_font_faces(); 
  264. if ( array_key_exists( $value, $recognized ) ) { 
  265. return $value; 
  266. return apply_filters( 'of_default_font_face', current( $recognized ) ); 
  267. add_filter( 'of_font_face', 'of_sanitize_font_face' ); 
  268.  
  269. /** 
  270. * Get recognized background repeat settings 
  271. * 
  272. * @return array 
  273. */ 
  274. function of_recognized_background_repeat() { 
  275.  
  276. $default = array( 
  277. 'no-repeat' => __( 'No Repeat', 'skt-photo-session' ),  
  278. 'repeat-x' => __( 'Repeat Horizontally', 'skt-photo-session' ),  
  279. 'repeat-y' => __( 'Repeat Vertically', 'skt-photo-session' ),  
  280. 'repeat' => __( 'Repeat All', 'skt-photo-session' ),  
  281. ); 
  282. return apply_filters( 'of_recognized_background_repeat', $default ); 
  283.  
  284. /** 
  285. * Get recognized background positions 
  286. * 
  287. * @return array 
  288. */ 
  289. function of_recognized_background_position() { 
  290. $default = array( 
  291. 'top left' => __( 'Top Left', 'skt-photo-session' ),  
  292. 'top center' => __( 'Top Center', 'skt-photo-session' ),  
  293. 'top right' => __( 'Top Right', 'skt-photo-session' ),  
  294. 'center left' => __( 'Middle Left', 'skt-photo-session' ),  
  295. 'center center' => __( 'Middle Center', 'skt-photo-session' ),  
  296. 'center right' => __( 'Middle Right', 'skt-photo-session' ),  
  297. 'bottom left' => __( 'Bottom Left', 'skt-photo-session' ),  
  298. 'bottom center' => __( 'Bottom Center', 'skt-photo-session' ),  
  299. 'bottom right' => __( 'Bottom Right', 'skt-photo-session') 
  300. ); 
  301. return apply_filters( 'of_recognized_background_position', $default ); 
  302.  
  303. /** 
  304. * Get recognized background attachment 
  305. * 
  306. * @return array 
  307. */ 
  308. function of_recognized_background_attachment() { 
  309. $default = array( 
  310. 'scroll' => __( 'Scroll Normally', 'skt-photo-session' ),  
  311. 'fixed' => __( 'Fixed in Place', 'skt-photo-session') 
  312. ); 
  313. return apply_filters( 'of_recognized_background_attachment', $default ); 
  314.  
  315. /** 
  316. * Sanitize a color represented in hexidecimal notation. 
  317. * 
  318. * @param string Color in hexidecimal notation. "#" may or may not be prepended to the string. 
  319. * @param string The value that this function should return if it cannot be recognized as a color. 
  320. * @return string 
  321. */ 
  322.  
  323. function of_sanitize_hex( $hex, $default = '' ) { 
  324. if ( of_validate_hex( $hex ) ) { 
  325. return $hex; 
  326. return $default; 
  327. add_filter( 'of_sanitize_color', 'of_sanitize_hex' ); 
  328.  
  329. /** 
  330. * Get recognized font sizes. 
  331. * 
  332. * Returns an indexed array of all recognized font sizes. 
  333. * Values are integers and represent a range of sizes from 
  334. * smallest to largest. 
  335. * 
  336. * @return array 
  337. */ 
  338.  
  339. function of_recognized_font_sizes() { 
  340. $sizes = range( 9, 71 ); 
  341. $sizes = apply_filters( 'of_recognized_font_sizes', $sizes ); 
  342. $sizes = array_map( 'absint', $sizes ); 
  343. return $sizes; 
  344.  
  345. /** 
  346. * Get recognized font faces. 
  347. * 
  348. * Returns an array of all recognized font faces. 
  349. * Keys are intended to be stored in the database 
  350. * while values are ready for display in in html. 
  351. * 
  352. * @return array 
  353. */ 
  354. function of_recognized_font_faces() { 
  355. $default = array( 
  356. 'arial' => 'Arial',  
  357. 'verdana' => 'Verdana, Geneva',  
  358. 'trebuchet' => 'Trebuchet',  
  359. 'georgia' => 'Georgia',  
  360. 'times' => 'Times New Roman',  
  361. 'tahoma' => 'Tahoma, Geneva',  
  362. 'palatino' => 'Palatino',  
  363. 'helvetica' => 'Helvetica*' 
  364. ); 
  365. return apply_filters( 'of_recognized_font_faces', $default ); 
  366.  
  367. /** 
  368. * Get recognized font styles. 
  369. * 
  370. * Returns an array of all recognized font styles. 
  371. * Keys are intended to be stored in the database 
  372. * while values are ready for display in in html. 
  373. * 
  374. * @return array 
  375. */ 
  376. function of_recognized_font_styles() { 
  377. $default = array( 
  378. 'normal' => __( 'Normal', 'skt-photo-session' ),  
  379. 'italic' => __( 'Italic', 'skt-photo-session' ),  
  380. 'bold' => __( 'Bold', 'skt-photo-session' ),  
  381. 'bold italic' => __( 'Bold Italic', 'skt-photo-session' ) 
  382. ); 
  383. return apply_filters( 'of_recognized_font_styles', $default ); 
  384.  
  385. /** 
  386. * Is a given string a color formatted in hexidecimal notation? 
  387. * 
  388. * @param string Color in hexidecimal notation. "#" may or may not be prepended to the string. 
  389. * @return bool 
  390. */ 
  391. function of_validate_hex( $hex ) { 
  392. $hex = trim( $hex ); 
  393. /** Strip recognized prefixes. */ 
  394. if ( 0 === strpos( $hex, '#' ) ) { 
  395. $hex = substr( $hex, 1 ); 
  396. elseif ( 0 === strpos( $hex, '%23' ) ) { 
  397. $hex = substr( $hex, 3 ); 
  398. /** Regex match. */ 
  399. if ( 0 === preg_match( '/^[0-9a-fA-F]{6}$/', $hex ) ) { 
  400. return false; 
  401. else { 
  402. return true; 
.