bp_xprofile_escape_field_data( string $value, string $field_type, int $field_id )

Escape field value for display.

Description

Most field values are simply run through esc_html(). Those that support rich text (by default, textarea only) are sanitized using kses, which allows a whitelist of HTML tags.

Parameters

$value: (Required) Field value.
$field_type: (Required) Field type.
$field_id: (Required) Field ID.

Return

(string)

Source

File: bp-xprofile/bp-xprofile-filters.php

function bp_xprofile_escape_field_data( $value, $field_type, $field_id ) {
	if ( bp_xprofile_is_richtext_enabled_for_field( $field_id ) ) {
		// The xprofile_filter_kses() expects a BP_XProfile_ProfileData object.
		$data_obj = null;
		if ( bp_is_user() ) {
			$data_obj = new BP_XProfile_ProfileData( $field_id, bp_displayed_user_id() );
		}

		$value = xprofile_filter_kses( $value, $data_obj );
	} else {
		$value = esc_html( $value );
	}

	return $value;
}

Expand full source code Collapse full source code

Changelog

Changelog
Version	Description
BuddyPress 2.4.0	Introduced.

Uses

Uses
Uses	Description
bp-xprofile/bp-xprofile-filters.php: xprofile_filter_kses()	Run profile field values through kses with filterable allowed tags.
bp-xprofile/bp-xprofile-functions.php: bp_xprofile_is_richtext_enabled_for_field()	Is rich text enabled for this profile field?
bp-xprofile/classes/class-bp-xprofile-profiledata.php: BP_XProfile_ProfileData::__construct()	BP_XProfile_ProfileData constructor.
bp-core/bp-core-template.php: bp_is_user()	Is the current page a user page?
bp-core/bp-core-template.php: bp_displayed_user_id()	Get the ID of the currently displayed user.

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.

Contents