apply_filters( ‘sanitize_key’, string $sanitized_key, string $key )

Filters a sanitized key string.


Sanitized key.
The key prior to sanitization.

More Information

  • By default, sanitize_key() function sanitize a string key, which is used as internal identifiers, into lowercase alphanumeric, dashes, and underscores characters. After sanitize_key() function has done its work, it passes the sanitized key through this sanitize_key filter.
  • The filter passes $key and $raw_key as parameters, which allows the user of this filter to perform additional sanitization based on these two keys.


return apply_filters( 'sanitize_key', $sanitized_key, $key );



User Contributed Notes

  1. Skip to note 2 content

    Example Migrated from Codex:

    Filtering the output

    Remove dashes from the string key after sanitize_key() function has done its work (dash is allowed by sanitize_key() function).

    add_filter( 'sanitize_key', 'remove_dashes_from_keys' );
    function remove_dashes_from_keys( $key ) {
        return preg_replace( '/-/s', '', $key );

    Filtering the raw key

    You can interact with the raw key as second parameter of that filter. The raw key is the exact value passed to the sanitize_key() function. You could use it to make your own sanitization of the original key.

    Note: Direct filtering of the $raw_key is not recommended since if not filtered carefully or if sanitize_key() function ever gets updated, your filter may be returning a key with characters that is prohibited by sanitize_key() function.

    add_filter( 'sanitize_key', 'do_something_with_rawkeys', 10, 2 );
    function do_something_with_rawkeys( $key, $rawkey ) {
        // do domething with $rawkey
        return $rawkey;

You must log in before being able to contribute a note or feedback.