sanitize_meta( string $meta_key, mixed $meta_value, string $object_type, string $object_subtype = '' ): mixed

Sanitizes meta value.

Contents

Parameters

$meta_key string Required
Metadata key.
$meta_value mixed Required
Metadata value to sanitize.
$object_type string Required
Type of object metadata is for. Accepts 'post', 'comment', 'term', 'user', or any other object type with an associated meta table.
$object_subtype string Optional
The subtype of the object type.

Default: ''

Top ↑

Return

mixed Sanitized $meta_value.

Top ↑

More Information

  • This function applies filters that can be hooked to perform specific sanitization procedures for the particular metadata type and key. Does not sanitize anything on its own. Custom filters must be hooked in to do the work. The filter hook tag has the form “sanitize_{$meta_type}_meta_{$meta_key}“.
  • This function is called by add_metadata() and update_metadata() WordPress functions.

Top ↑

Source

File: wp-includes/meta.php. View all references 

function sanitize_meta( $meta_key, $meta_value, $object_type, $object_subtype = '' ) {
	if ( ! empty( $object_subtype ) && has_filter( "sanitize_{$object_type}_meta_{$meta_key}_for_{$object_subtype}" ) ) {

		/**
		 * Filters the sanitization of a specific meta key of a specific meta type and subtype.
		 *
		 * The dynamic portions of the hook name, `$object_type`, `$meta_key`,
		 * and `$object_subtype`, refer to the metadata object type (comment, post, term, or user),
		 * the meta key value, and the object subtype respectively.
		 *
		 * @since 4.9.8
		 *
		 * @param mixed  $meta_value     Metadata value to sanitize.
		 * @param string $meta_key       Metadata key.
		 * @param string $object_type    Type of object metadata is for. Accepts 'post', 'comment', 'term', 'user',
		 *                               or any other object type with an associated meta table.
		 * @param string $object_subtype Object subtype.
		 */
		return apply_filters( "sanitize_{$object_type}_meta_{$meta_key}_for_{$object_subtype}", $meta_value, $meta_key, $object_type, $object_subtype );
	}

	/**
	 * Filters the sanitization of a specific meta key of a specific meta type.
	 *
	 * The dynamic portions of the hook name, `$meta_type`, and `$meta_key`,
	 * refer to the metadata object type (comment, post, term, or user) and the meta
	 * key value, respectively.
	 *
	 * @since 3.3.0
	 *
	 * @param mixed  $meta_value  Metadata value to sanitize.
	 * @param string $meta_key    Metadata key.
	 * @param string $object_type Type of object metadata is for. Accepts 'post', 'comment', 'term', 'user',
	 *                            or any other object type with an associated meta table.
	 */
	return apply_filters( "sanitize_{$object_type}_meta_{$meta_key}", $meta_value, $meta_key, $object_type );
}

View on Trac View on GitHub

Top ↑

Hooks

Top ↑

Top ↑

Uses

Uses
Uses Description
has_filter() wp-includes/plugin.php

Checks if any filter has been registered for a hook.
apply_filters() wp-includes/plugin.php

Calls the callback functions that have been added to a filter hook.

Top ↑

Used By

Used By
Used By Description
WP_REST_Meta_Fields::is_meta_value_same_as_stored_value() wp-includes/rest-api/fields/class-wp-rest-meta-fields.php

Checks if the user provided value is equivalent to a stored value for the given meta key.
update_metadata_by_mid() wp-includes/meta.php

Updates metadata by meta ID.
add_metadata() wp-includes/meta.php

Adds metadata for the specified object.
update_metadata() wp-includes/meta.php

Updates metadata for the specified object. If no value already exists for the specified object ID and metadata key, the metadata will be added.

Top ↑

Changelog

Changelog
Version Description
4.9.8 The $object_subtype parameter was added.
3.1.3 Introduced.

Top ↑

User Contributed Notes

  1. Skip to note 1 content
    You must log in to vote on the helpfulness of this noteVote results for this note: 1You must log in to vote on the helpfulness of this note
    Contributed by Codex

    Example

    $clean_value = sanitize_meta( 'birth-year', $user_input, 'user' );

function wpdocs_sanitize_birth_year_meta( $year ) {

	$now  = date( 'Y' );
	$then = $now - 115; // No users older than 115.

	if ( $then > $year || $year > $now ) {
		wp_die( __( 'Invalid entry, go back and try again.', 'textdomain' ) );
	}
	return $year;
}
add_filter( 'sanitize_user_meta_birth-year', 'wpdocs_sanitize_birth_year_meta' );

You must log in before being able to contribute a note or feedback.