xprofile_sanitize_data_value_before_save( string $field_value, int $field_id, bool $reserialize = true, object|null $data_obj = null )

Safely runs profile field data through kses and force_balance_tags.

Description

Parameters

$field_value

(Required) Field value being santized.

$field_id

(Required) Field ID being sanitized.

$reserialize

(Optional) Whether to reserialize arrays before returning. Defaults to true.

Default value: true

$data_obj

(Optional) The BP_XProfile_ProfileData object.

Default value: null

Return

(string)

Source

File: bp-xprofile/bp-xprofile-filters.php

function xprofile_sanitize_data_value_before_save( $field_value, $field_id = 0, $reserialize = true, $data_obj = null ) {
 
    // Return if empty.
    if ( empty( $field_value ) ) {
        return $field_value;
    }
 
    if ( isset( $data_obj->field_id ) && ! empty( $data_obj->field_id ) ) {
        $fields = xprofile_get_field( $data_obj->field_id, null, false );
 
        // Allows storing the 'facebook', 'twitter' and so on as array keys in the data.
        if ( isset( $fields->type ) && 'socialnetworks' === $fields->type ) {
            return $field_value;
        }
    }
 
    // Force reserialization if serialized (avoids mutation, retains integrity)
    if ( is_serialized( $field_value ) && ( false === $reserialize ) ) {
        $reserialize = true;
    }
 
    // Value might be a serialized array of options.
    $field_value = maybe_unserialize( $field_value );
 
    // Sanitize single field value.
    if ( ! is_array( $field_value ) ) {
        $kses_field_value     = xprofile_filter_kses( $field_value, $data_obj );
        $filtered_field_value = wp_rel_nofollow( force_balance_tags( $kses_field_value ) );
 
        /**
         * Filters the kses-filtered data before saving to database.
         *
         * @since BuddyPress 1.5.0
         *
         * @param string $filtered_field_value The filtered value.
         * @param string $field_value The original value before filtering.
         * @param BP_XProfile_ProfileData $data_obj The BP_XProfile_ProfileData object.
         */
        $filtered_field_value = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_field_value, $field_value, $data_obj );
 
        // Sanitize multiple individual option values.
    } else {
        $filtered_values = array();
        foreach ( (array) $field_value as $value ) {
            $kses_field_value = xprofile_filter_kses( $value, $data_obj );
            $filtered_value   = wp_rel_nofollow( force_balance_tags( $kses_field_value ) );
 
            /** This filter is documented in bp-xprofile/bp-xprofile-filters.php */
            $filtered_values[] = apply_filters( 'xprofile_filtered_data_value_before_save', $filtered_value, $value, $data_obj );
        }
 
        if ( ! empty( $reserialize ) ) {
            $filtered_field_value = serialize( $filtered_values );
        } else {
            $filtered_field_value = $filtered_values;
        }
    }
 
    return $filtered_field_value;
}

Expand full source code Collapse full source code

Changelog

Changelog
Version	Description
BuddyPress 1.2.6	Introduced.

Uses

Uses
Uses	Description
bp-xprofile/bp-xprofile-filters.php: xprofile_filter_kses()	Run profile field values through kses with filterable allowed tags.
bp-xprofile/bp-xprofile-filters.php: xprofile_filtered_data_value_before_save	Filters the kses-filtered data before saving to database.
bp-xprofile/bp-xprofile-functions.php: xprofile_get_field()	Get a profile field object.

Used By
Used By	Description
bp-xprofile/classes/class-bp-xprofile-field-type-radiobutton.php: BP_XProfile_Field_Type_Radiobutton::edit_field_options_html()	Output the edit field options HTML for this field type.
bp-xprofile/classes/class-bp-xprofile-field-type-checkbox.php: BP_XProfile_Field_Type_Checkbox::edit_field_options_html()	Output the edit field options HTML for this field type.
bp-xprofile/classes/class-bp-xprofile-field-type-gender.php: BP_XProfile_Field_Type_Gender::edit_field_options_html()	Output the edit field options HTML for this field type.
bp-xprofile/classes/class-bp-xprofile-field-type-selectbox.php: BP_XProfile_Field_Type_Selectbox::edit_field_options_html()	Output the edit field options HTML for this field type.
bp-xprofile/classes/class-bp-xprofile-field-type-multiselectbox.php: BP_XProfile_Field_Type_Multiselectbox::edit_field_options_html()	Output the edit field options HTML for this field type.

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.

Contents