WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

sanitize_post()

sanitize_post( object|WP_Post|array $post, string $context = ‘display’ ): object|WP_Post|array

In this article

Back to top

Sanitizes every post field.

Description

If the context is ‘raw’, then the post object or array will get minimal sanitization of the integer fields.

See also

Parameters

$postobject|WP_Post|arrayrequired
The post object or array
$contextstringoptional
How to sanitize post fields.
Accepts 'raw', 'edit', 'db', 'display', 'attribute', or 'js'. Default 'display'.

Default:'display'

Return

object|WP_Post|array The now sanitized post object or array (will be the same type as $post).

Source

function sanitize_post( $post, $context = 'display' ) {
	if ( is_object( $post ) ) {
		// Check if post already filtered for this context.
		if ( isset( $post->filter ) && $context == $post->filter ) {
			return $post;
		}
		if ( ! isset( $post->ID ) ) {
			$post->ID = 0;
		}
		foreach ( array_keys( get_object_vars( $post ) ) as $field ) {
			$post->$field = sanitize_post_field( $field, $post->$field, $post->ID, $context );
		}
		$post->filter = $context;
	} elseif ( is_array( $post ) ) {
		// Check if post already filtered for this context.
		if ( isset( $post['filter'] ) && $context == $post['filter'] ) {
			return $post;
		}
		if ( ! isset( $post['ID'] ) ) {
			$post['ID'] = 0;
		}
		foreach ( array_keys( $post ) as $field ) {
			$post[ $field ] = sanitize_post_field( $field, $post[ $field ], $post['ID'], $context );
		}
		$post['filter'] = $context;
	}
	return $post;
}

View all references View on Trac View on GitHub

UsesDescription
sanitize_post_field()wp-includes/post.php

Sanitizes a post field based on context.

Used byDescription
get_attachment_fields_to_edit()wp-admin/includes/media.php

Retrieves the attachment fields to edit form fields.

WP_Post::get_instance()wp-includes/class-wp-post.php

Retrieve WP_Post instance.

WP_Post::filter()wp-includes/class-wp-post.php

{@Missing Summary}

update_post_cache()wp-includes/post.php

Updates posts in cache.

wp_insert_post()wp-includes/post.php

Inserts or update a post.

get_post()wp-includes/post.php

Retrieves post data given a post ID or post object.

_set_preview()wp-includes/revision.php

Sets up the post object for preview based on the post autosave.

Show 2 moreShow less

Changelog

VersionDescription
2.3.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.