sanitize_user

函数
sanitize_user ( $username, $strict = false )
参数
  • (string) $username The username to be sanitized.
    Required:
  • (bool) $strict Optional. If set limits $username to specific characters. Default false.
    Required:
    Default: false
返回值
  • (string) The sanitized username, after passing through filters.
定义位置
相关方法
sanitize_urlsanitize_termsanitize_user_fieldsanitize_keysanitize_user_object
引入
2.0.0
弃用
-

sanitize_user: 这是一个WordPress的函数,它对一个用户对象进行净化。它用于验证和净化用户的数据,如用户名、密码和电子邮件: 这个函数有一个参数,就是要净化的用户对象。

对用户名进行净化,删除不安全的字符。

删除标签、八位数、实体,如果启用了strict,将只保留字母数字、_、空格、.、-、@。净化后,它将用户名、原始用户名(参数中的用户名)和$strict的值作为{@see ‘sanitize_user’}过滤器的参数。

function sanitize_user( $username, $strict = false ) {
	$raw_username = $username;
	$username     = wp_strip_all_tags( $username );
	$username     = remove_accents( $username );
	// Kill octets.
	$username = preg_replace( '|%([a-fA-F0-9][a-fA-F0-9])|', '', $username );
	// Kill entities.
	$username = preg_replace( '/&.+?;/', '', $username );

	// If strict, reduce to ASCII for max portability.
	if ( $strict ) {
		$username = preg_replace( '|[^a-z0-9 _.-@]|i', '', $username );
	}

	$username = trim( $username );
	// Consolidate contiguous whitespace.
	$username = preg_replace( '|s+|', ' ', $username );

	/**
	 * Filters a sanitized username string.
	 *
	 * @since 2.0.1
	 *
	 * @param string $username     Sanitized username.
	 * @param string $raw_username The username prior to sanitization.
	 * @param bool   $strict       Whether to limit the sanitization to specific characters.
	 */
	return apply_filters( 'sanitize_user', $username, $raw_username, $strict );
}

常见问题

FAQs
查看更多 >