wp_get_theme_preview_path()
wp-includes/theme-previews.php
|
Filters the blog option to return the path for the previewed theme.
|
wp_attach_theme_preview_middleware()
wp-includes/theme-previews.php
|
Adds a middleware to apiFetch to set the theme for the preview.
|
WP_REST_Pattern_Directory_Controller::prepare_item_for_response()
wp-includes/rest-api/endpoints/class-wp-rest-pattern-directory-controller.php
|
Prepare a raw block pattern before it gets output in a REST API response.
|
WP_REST_Site_Health_Controller::get_directory_sizes()
wp-includes/rest-api/endpoints/class-wp-rest-site-health-controller.php
|
Gets the current directory sizes for this install.
|
WP_Application_Passwords::create_new_application_password()
wp-includes/class-wp-application-passwords.php
|
Creates a new application password.
|
WP_Application_Passwords::update_application_password()
wp-includes/class-wp-application-passwords.php
|
Updates an application password.
|
WP_REST_Plugins_Controller::sanitize_plugin_param()
wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php
|
Sanitizes the “plugin” parameter to be a proper plugin file with “.php” appended.
|
WP_Sitemaps::render_sitemaps()
wp-includes/sitemaps/class-wp-sitemaps.php
|
Renders sitemap templates based on rewrite rules.
|
wp_ajax_toggle_auto_updates()
wp-admin/includes/ajax-actions.php
|
Handles enabling or disable plugin and theme auto-updates via AJAX.
|
WP_Debug_Data::debug_data()
wp-admin/includes/class-wp-debug-data.php
|
Static function for generating site debug data when required.
|
wp_ajax_health_check_get_sizes()
wp-admin/includes/ajax-actions.php
|
Handles site health check to get directories and database sizes via AJAX.
|
WP_Privacy_Requests_Table::get_views()
wp-admin/includes/class-wp-privacy-requests-table.php
|
Gets an associative array ( id => link ) with the list of views available on this table.
|
WP_Privacy_Requests_Table::prepare_items()
wp-admin/includes/class-wp-privacy-requests-table.php
|
Prepares items to output.
|
_wp_personal_data_handle_actions()
wp-admin/includes/privacy-tools.php
|
Handle list table actions.
|
WP_Customize_Manager::handle_load_themes_request()
wp-includes/class-wp-customize-manager.php
|
Loads themes into the theme browsing/installation UI.
|
WP_Widget_Custom_HTML::update()
wp-includes/widgets/class-wp-widget-custom-html.php
|
Handles updating settings for the current Custom HTML widget instance.
|
rest_sanitize_value_from_schema()
wp-includes/rest-api.php
|
Sanitize a value based on a schema.
|
WP_REST_Attachments_Controller::create_item()
wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
|
Creates a single attachment.
|
wp_ajax_delete_plugin()
wp-admin/includes/ajax-actions.php
|
Handles deleting a plugin via AJAX.
|
WP_Customize_Nav_Menu_Setting::sanitize()
wp-includes/customize/class-wp-customize-nav-menu-setting.php
|
Sanitize an input.
|
WP_Customize_Nav_Menu_Item_Setting::sanitize()
wp-includes/customize/class-wp-customize-nav-menu-item-setting.php
|
Sanitize an input.
|
WP_Customize_Nav_Menus::ajax_search_available_items()
wp-includes/class-wp-customize-nav-menus.php
|
Ajax handler for searching available menu items.
|
wp_ajax_update_plugin()
wp-admin/includes/ajax-actions.php
|
Handles updating a plugin via AJAX.
|
validate_another_blog_signup()
wp-signup.php
|
Validates a new site sign-up for an existing user.
|
validate_blog_signup()
wp-signup.php
|
Validates new site signup.
|
edit_user()
wp-admin/includes/user.php
|
Edit user settings based on contents of $_POST
|
media_handle_upload()
wp-admin/includes/media.php
|
Saves a file submitted from a POST request and create an attachment post for it.
|
edit_post()
wp-admin/includes/post.php
|
Updates an existing post with values provided in $_POST .
|
wp_ajax_save_attachment()
wp-admin/includes/ajax-actions.php
|
Handles updating attachment attributes via AJAX.
|
WP_Customize_Manager::save()
wp-includes/class-wp-customize-manager.php
|
Handles customize_save WP Ajax request to save/update a changeset.
|
WP_Nav_Menu_Widget::update()
wp-includes/widgets/class-wp-nav-menu-widget.php
|
Handles updating settings for the current Navigation Menu widget instance.
|
WP_Widget_Recent_Comments::update()
wp-includes/widgets/class-wp-widget-recent-comments.php
|
Handles updating settings for the current Recent Comments widget instance.
|
WP_Widget_Tag_Cloud::update()
wp-includes/widgets/class-wp-widget-tag-cloud.php
|
Handles updating settings for the current Tag Cloud widget instance.
|
WP_Widget_Recent_Posts::update()
wp-includes/widgets/class-wp-widget-recent-posts.php
|
Handles updating the settings for the current Recent Posts widget instance.
|
WP_Widget_Categories::update()
wp-includes/widgets/class-wp-widget-categories.php
|
Handles updating settings for the current Categories widget instance.
|
WP_Widget_Text::update()
wp-includes/widgets/class-wp-widget-text.php
|
Handles updating settings for the current Text widget instance.
|
WP_Widget_Calendar::update()
wp-includes/widgets/class-wp-widget-calendar.php
|
Handles updating settings for the current Calendar widget instance.
|
WP_Widget_Meta::update()
wp-includes/widgets/class-wp-widget-meta.php
|
Handles updating settings for the current Meta widget instance.
|
WP_Widget_Archives::update()
wp-includes/widgets/class-wp-widget-archives.php
|
Handles updating settings for the current Archives widget instance.
|
WP_Widget_Search::update()
wp-includes/widgets/class-wp-widget-search.php
|
Handles updating settings for the current Search widget instance.
|
WP_Widget_Pages::update()
wp-includes/widgets/class-wp-widget-pages.php
|
Handles updating settings for the current Pages widget instance.
|
register_new_user()
wp-includes/user.php
|
Handles registering a new user.
|
wp_page_menu()
wp-includes/post-template.php
|
Displays or retrieves a list of pages with an optional home link.
|
This function is not for protecting against SQL injection, so please don’t use it in your database queries. In most cases using https://developer.wordpress.org/reference/classes/wpdb/prepare/ with placeholders is best for database queries.
Check whether the string is a valid UTF-8 character, and remove all HTML tags.
Top ↑
Feedback
This will not convert text string to lower case as stated in your comment ” it will return ‘title’ without any HTML tags!” make it “it will return ‘Title’ without any HTML tags!’ — By bharatthapa —
Sanitize an array
I ran across an issue with one of my plugins, as it was going through the initial security review, where I had an array that wasn’t passing a security check. The sanitize_text_field() function only works on a string, not an array’d item.
I located this nice little tidbit of code to sanitize an array, properly.
IMHO, this needs to become a core feature of WordPress’ sanitation functions. Lior Broshi is the gentleman that came up with this creative solution (I have obtained his permission to share this).
Top ↑
Feedback
Sanitize an array
— By bhvreddy —