Title: sanitize_post Published: April 25, 2014 Last modified: May 20, 2026 --- # sanitize_post( object|WP_Post|array $post, string $context = 'display' ): object|󠀁[WP_Post](https://developer.wordpress.org/reference/classes/wp_post/)󠁿|array ## In this article * [Description](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#description) - [See also](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#see-also) * [Parameters](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#parameters) * [Return](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#return) * [Source](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#source) * [Related](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#related) * [Changelog](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#changelog) [ Back to top](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#wp--skip-link--target) Sanitizes every post field. ## 󠀁[Description](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#description)󠁿 If the context is ‘raw’, then the post object or array will get minimal sanitization of the integer fields. ### 󠀁[See also](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#see-also)󠁿 * [sanitize_post_field()](https://developer.wordpress.org/reference/functions/sanitize_post_field/) ## 󠀁[Parameters](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#parameters)󠁿 `$post`object|[WP_Post](https://developer.wordpress.org/reference/classes/wp_post/) |arrayrequired The post object or array `$context`stringoptional How to sanitize post fields. Accepts `'raw'`, `'edit'`, `'db'`, `'display'`, `' attribute'`, or `'js'`. Default `'display'`. Default:`'display'` ## 󠀁[Return](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#return)󠁿 object|[WP_Post](https://developer.wordpress.org/reference/classes/wp_post/)|array The now sanitized post object or array (will be the same type as `$post`). ## 󠀁[Source](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#source)󠁿 ```php function sanitize_post( $post, $context = 'display' ) { if ( is_object( $post ) ) { // Check if post already filtered for this context. if ( isset( $post->filter ) && $context === $post->filter ) { return $post; } if ( ! isset( $post->ID ) ) { $post->ID = 0; } foreach ( array_keys( get_object_vars( $post ) ) as $field ) { $post->$field = sanitize_post_field( $field, $post->$field, $post->ID, $context ); } $post->filter = $context; } elseif ( is_array( $post ) ) { // Check if post already filtered for this context. if ( isset( $post['filter'] ) && $context === $post['filter'] ) { return $post; } if ( ! isset( $post['ID'] ) ) { $post['ID'] = 0; } foreach ( array_keys( $post ) as $field ) { $post[ $field ] = sanitize_post_field( $field, $post[ $field ], $post['ID'], $context ); } $post['filter'] = $context; } return $post; } ``` [View all references](https://developer.wordpress.org/reference/files/wp-includes/post.php/) [View on Trac](https://core.trac.wordpress.org/browser/tags/7.0/src/wp-includes/post.php#L2919) [View on GitHub](https://github.com/WordPress/wordpress-develop/blob/7.0/src/wp-includes/post.php#L2919-L2946) ## 󠀁[Related](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#related)󠁿 | Uses | Description | | [sanitize_post_field()](https://developer.wordpress.org/reference/functions/sanitize_post_field/)`wp-includes/post.php` | Sanitizes a post field based on context. | | Used by | Description | | [get_attachment_fields_to_edit()](https://developer.wordpress.org/reference/functions/get_attachment_fields_to_edit/)`wp-admin/includes/media.php` | Retrieves the attachment fields to edit form fields. | | [WP_Post::get_instance()](https://developer.wordpress.org/reference/classes/wp_post/get_instance/)`wp-includes/class-wp-post.php` | Retrieve [WP_Post](https://developer.wordpress.org/reference/classes/wp_post/) instance. | | [WP_Post::filter()](https://developer.wordpress.org/reference/classes/wp_post/filter/)`wp-includes/class-wp-post.php` | {@Missing Summary} | | [update_post_cache()](https://developer.wordpress.org/reference/functions/update_post_cache/)`wp-includes/post.php` | Updates posts in cache. | | [wp_insert_post()](https://developer.wordpress.org/reference/functions/wp_insert_post/)`wp-includes/post.php` | Inserts or updates a post in the database. | | [get_post()](https://developer.wordpress.org/reference/functions/get_post/)`wp-includes/post.php` | Retrieves post data given a post ID or post object. | | [_set_preview()](https://developer.wordpress.org/reference/functions/_set_preview/)`wp-includes/revision.php` | Sets up the post object for preview based on the post autosave. | [Show 2 more](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#) [Show less](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#) ## 󠀁[Changelog](https://developer.wordpress.org/reference/functions/sanitize_post/?output_format=md#changelog)󠁿 | Version | Description | | [2.3.0](https://developer.wordpress.org/reference/since/2.3.0/) | Introduced. | ## User Contributed Notes You must [log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Ffunctions%2Fsanitize_post%2F) before being able to contribute a note or feedback.