EscapingFunctionsTrait
Helper functions and function lists for checking whether an escaping function is being used.
Any sniff class which incorporates this trait will automatically support the
following public properties which can be changed from within a custom ruleset:
customEscapingFunctions.customAutoEscapedFunctions
Tags
Table of Contents
Properties
- $customAutoEscapedFunctions : array<string|int, string>
- Custom list of functions whose return values are pre-escaped for display.
- $customEscapingFunctions : array<string|int, string>
- Custom list of functions which escape values for display.
- $addedCustomEscapingFunctions : array<string, array<string|int, string>>
- Cache of previously added custom functions.
- $allAutoEscapedFunctions : array<string, bool>
- Combined list of WP native and custom auto-escaping functions.
- $allEscapingFunctions : array<string, bool>
- Combined list of WP native and custom escaping functions.
- $autoEscapedFunctions : array<string, bool>
- Functions whose output is automatically escaped for display.
- $escapingFunctions : array<string, bool>
- Functions that escape values for display.
Methods
- is_auto_escaped_function() : bool
- Check if a particular function is regarded as an auto-escaped function.
- is_escaping_function() : bool
- Check if a particular function is regarded as an escaping function.
Properties
$customAutoEscapedFunctions
Custom list of functions whose return values are pre-escaped for display.
public
array<string|int, string>
$customAutoEscapedFunctions
= array()
Tags
$customEscapingFunctions
Custom list of functions which escape values for display.
public
array<string|int, string>
$customEscapingFunctions
= array()
Tags
$addedCustomEscapingFunctions
Cache of previously added custom functions.
private
array<string, array<string|int, string>>
$addedCustomEscapingFunctions
= array('escape' => array(), 'autoescape' => array())
Prevents having to do the same merges over and over again.
Tags
$allAutoEscapedFunctions
Combined list of WP native and custom auto-escaping functions.
private
array<string, bool>
$allAutoEscapedFunctions
= array()
Tags
$allEscapingFunctions
Combined list of WP native and custom escaping functions.
private
array<string, bool>
$allEscapingFunctions
= array()
Tags
$autoEscapedFunctions
Functions whose output is automatically escaped for display.
private
array<string, bool>
$autoEscapedFunctions
= array('allowed_tags' => true, 'bloginfo' => true, 'body_class' => true, 'calendar_week_mod' => true, 'category_description' => true, 'checked' => true, 'comment_class' => true, 'count' => true, 'disabled' => true, 'do_shortcode' => true, 'do_shortcode_tag' => true, 'get_archives_link' => true, 'get_attachment_link' => true, 'get_avatar' => true, 'get_bookmark_field' => true, 'get_calendar' => true, 'get_comment_author_link' => true, 'get_current_blog_id' => true, 'get_delete_post_link' => true, 'get_search_form' => true, 'get_search_query' => true, 'get_the_author_link' => true, 'get_the_author' => true, 'get_the_date' => true, 'get_the_ID' => true, 'get_the_post_thumbnail' => true, 'get_the_term_list' => true, 'post_type_archive_title' => true, 'readonly' => true, 'selected' => true, 'single_cat_title' => true, 'single_month_title' => true, 'single_post_title' => true, 'single_tag_title' => true, 'single_term_title' => true, 'tag_description' => true, 'term_description' => true, 'the_author' => true, 'the_date' => true, 'the_title_attribute' => true, 'walk_nav_menu_tree' => true, 'wp_dropdown_categories' => true, 'wp_dropdown_users' => true, 'wp_generate_tag_cloud' => true, 'wp_get_archives' => true, 'wp_get_attachment_image' => true, 'wp_get_attachment_link' => true, 'wp_link_pages' => true, 'wp_list_authors' => true, 'wp_list_bookmarks' => true, 'wp_list_categories' => true, 'wp_list_comments' => true, 'wp_login_form' => true, 'wp_loginout' => true, 'wp_nav_menu' => true, 'wp_readonly' => true, 'wp_register' => true, 'wp_tag_cloud' => true, 'wp_timezone_choice' => true, 'wp_title' => true)
Tags
$escapingFunctions
Functions that escape values for display.
private
array<string, bool>
$escapingFunctions
= array('absint' => true, 'esc_attr__' => true, 'esc_attr_e' => true, 'esc_attr_x' => true, 'esc_attr' => true, 'esc_html__' => true, 'esc_html_e' => true, 'esc_html_x' => true, 'esc_html' => true, 'esc_js' => true, 'esc_sql' => true, 'esc_textarea' => true, 'esc_url_raw' => true, 'esc_url' => true, 'esc_xml' => true, 'filter_input' => true, 'filter_var' => true, 'floatval' => true, 'highlight_string' => true, 'intval' => true, 'json_encode' => true, 'like_escape' => true, 'number_format' => true, 'rawurlencode' => true, 'sanitize_hex_color' => true, 'sanitize_hex_color_no_hash' => true, 'sanitize_html_class' => true, 'sanitize_key' => true, 'sanitize_locale_name' => true, 'sanitize_user_field' => true, 'tag_escape' => true, 'urlencode_deep' => true, 'urlencode' => true, 'wp_json_encode' => true, 'wp_kses_allowed_html' => true, 'wp_kses_data' => true, 'wp_kses_one_attr' => true, 'wp_kses_post' => true, 'wp_kses' => true)
Tags
Methods
is_auto_escaped_function()
Check if a particular function is regarded as an auto-escaped function.
public
final is_auto_escaped_function(string $functionName) : bool
Parameters
- $functionName : string
-
The name of the function to check.
Tags
Return values
boolis_escaping_function()
Check if a particular function is regarded as an escaping function.
public
final is_escaping_function(string $functionName) : bool
Parameters
- $functionName : string
-
The name of the function to check.