WordPress Version: 6.3
/**
* Sanitizes a bookmark field.
*
* Sanitizes the bookmark fields based on what the field name is. If the field
* has a strict value set, then it will be tested for that, else a more generic
* filtering is applied. After the more strict filter is applied, if the `$context`
* is 'raw' then the value is immediately returned.
*
* Hooks exist for the more generic cases. With the 'edit' context, the {@see 'edit_$field'}
* filter will be called and passed the `$value` and `$bookmark_id` respectively.
*
* With the 'db' context, the {@see 'pre_$field'} filter is called and passed the value.
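* The 'display' context is the final context; it uses `$field` as the filter name
* and is passed the `$value`, `$bookmark_id`, and `$context`, respectively.
* Escaping is applied only in the 'edit' (esc_html()/esc_attr()), 'attribute' (esc_attr())
* and 'js' (esc_js()) contexts; 'db' and 'display' values are not escaped by this function.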
*
* @since 2.3.0
*
* @param string $field The bookmark field.
* @param mixed $value The bookmark field value.
* @param int $bookmark_id Bookmark ID.
* @param string $context How to filter the field value. Accepts 'raw', 'edit', 'db',
* 'display', 'attribute', or 'js'. Default 'display'.
* @return mixed The filtered value.
*/
function sanitize_bookmark_field($field, $value, $bookmark_id, $context)
{
    // Integer-typed fields are cast on the way in and again just before returning.
    $is_int_field = in_array($field, array('link_id', 'link_rating'), true);
    if ($is_int_field) {
        $value = (int) $value;
    }

    // Field-specific strict checks. These run for every context, including 'raw'.
    switch ($field) {
        case 'link_category':
            /*
             * An array of ints. Returned right away so the categories aren't filtered:
             * the 'link_category' filter is for the name of a link category, not an
             * array of a link's link categories.
             */
            return array_map('absint', (array) $value);

        case 'link_visible':
            /*
             * Bool stored as Y|N. Every character other than Y, N, y or n is removed;
             * the length is not limited here, so a value such as 'YN' is kept as is.
             */
            $value = preg_replace('/[^YNyn]/', '', $value);
            break;

        case 'link_target':
            // "Enum": a value outside the allow-list is replaced by an empty string.
            $value = in_array($value, array('_top', '_blank'), true) ? $value : '';
            break;
    }

    // The 'raw' context skips both the filter hooks and the escaping below.
    if ('raw' === $context) {
        return $value;
    }

    if ('edit' === $context) {
        /** This filter is documented in wp-includes/post.php */
        $value = apply_filters("edit_{$field}", $value, $bookmark_id);

        // 'link_notes' is textarea_escaped with esc_html(); all other fields use esc_attr().
        $value = ('link_notes' === $field) ? esc_html($value) : esc_attr($value);
    } elseif ('db' === $context) {
        /** This filter is documented in wp-includes/post.php */
        // No escaping happens in this branch; the value is what the 'pre_$field' callbacks return.
        $value = apply_filters("pre_{$field}", $value);
    } else {
        // Every remaining context lands here: 'display', 'attribute', 'js', or any other string.
        /** This filter is documented in wp-includes/post.php */
        $value = apply_filters("{$field}", $value, $bookmark_id, $context);

        if ('attribute' === $context) {
            $value = esc_attr($value);
        } elseif ('js' === $context) {
            $value = esc_js($value);
        }
        // For 'display' (and unrecognised contexts) nothing is escaped in this function.
        // NOTE(review): callers that print the value should escape it for their output context.
    }

    // Restore the integer type, which the filter and escaping steps above may have changed.
    return $is_int_field ? (int) $value : $value;
}