sanitize_meta( string $meta_key, mixed $meta_value, string $object_type, string $object_subtype = '' )

Sanitizes meta value.


Parameters

$meta_key

(string) (Required) Metadata key.

$meta_value

(mixed) (Required) Metadata value to sanitize.

$object_type

(string) (Required) Type of object metadata is for. Accepts 'post', 'comment', 'term', 'user', or any other object type with an associated meta table.

$object_subtype

(string) (Optional) The subtype of the object type.

Default value: ''


Top ↑

Return

(mixed) Sanitized $meta_value.


Top ↑

More Information

  • This function applies filters that can be hooked to perform specific sanitization procedures for the particular metadata type and key. Does not sanitize anything on its own. Custom filters must be hooked in to do the work. The filter hook tag has the form “sanitize_{$meta_type}_meta_{$meta_key}“.
  • This function is called by add_metadata() and update_metadata() WordPress functions.

Top ↑

Source

File: wp-includes/meta.php

function sanitize_meta( $meta_key, $meta_value, $object_type, $object_subtype = '' ) {
	if ( ! empty( $object_subtype ) && has_filter( "sanitize_{$object_type}_meta_{$meta_key}_for_{$object_subtype}" ) ) {

		/**
		 * Filters the sanitization of a specific meta key of a specific meta type and subtype.
		 *
		 * The dynamic portions of the hook name, `$object_type`, `$meta_key`,
		 * and `$object_subtype`, refer to the metadata object type (comment, post, term, or user),
		 * the meta key value, and the object subtype respectively.
		 *
		 * @since 4.9.8
		 *
		 * @param mixed  $meta_value     Metadata value to sanitize.
		 * @param string $meta_key       Metadata key.
		 * @param string $object_type    Type of object metadata is for. Accepts 'post', 'comment', 'term', 'user',
		 *                               or any other object type with an associated meta table.
		 * @param string $object_subtype Object subtype.
		 */
		return apply_filters( "sanitize_{$object_type}_meta_{$meta_key}_for_{$object_subtype}", $meta_value, $meta_key, $object_type, $object_subtype );
	}

	/**
	 * Filters the sanitization of a specific meta key of a specific meta type.
	 *
	 * The dynamic portions of the hook name, `$meta_type`, and `$meta_key`,
	 * refer to the metadata object type (comment, post, term, or user) and the meta
	 * key value, respectively.
	 *
	 * @since 3.3.0
	 *
	 * @param mixed  $meta_value  Metadata value to sanitize.
	 * @param string $meta_key    Metadata key.
	 * @param string $object_type Type of object metadata is for. Accepts 'post', 'comment', 'term', 'user',
	 *                            or any other object type with an associated meta table.
	 */
	return apply_filters( "sanitize_{$object_type}_meta_{$meta_key}", $meta_value, $meta_key, $object_type );
}


Top ↑

Changelog

Changelog
Version Description
4.9.8 The $object_subtype parameter was added.
3.1.3 Introduced.

Top ↑

User Contributed Notes

  1. Skip to note 1 content
    Contributed by Codex

    Example

    $clean_value = sanitize_meta( 'birth-year', $user_input, 'user' );
    
    function wpdocs_sanitize_birth_year_meta( $year ) {
    
    	$now  = date( 'Y' );
    	$then = $now - 115; // No users older than 115.
    
    	if ( $then > $year || $year > $now ) {
    		wp_die( __( 'Invalid entry, go back and try again.', 'textdomain' ) );
    	}
    	return $year;
    }
    add_filter( 'sanitize_user_meta_birth-year', 'wpdocs_sanitize_birth_year_meta' );
    

You must log in before being able to contribute a note or feedback.