How to sanitize the post_name value before inserting in WordPress?
Simple:
$post_title = sanitize_title_with_dashes($post_title);
But WordPress does this for you already. I assume you need it for something different?
I'm guessing you're sanitizing by direct SQL insertion. Instead, consider using wp_post_insert() in your insertion script.
$new_post_id = wp_insert_post(array(
'post_title' => "This <open_tag insane title thing<b>LOL!;drop table `bobby`;"
));
At this point, you just worry about your title - and not the slug, post name, etc. WP will take care of the rest and (at least security) sanitization. The slug, as demonstrated in the screenshot, becomes fairly usable.
This function can be used by simply doing include( "wp-config.php" ); and going about your business without any other PHP overhead.
If you are dealing with some funky titles to begin with, a simple strip_tags(trim()) might do the trick. Otherwise, you've got other problems to deal with ;-)
Some solution might be found at http://postedpost.com/2008/06/23/ultimate-wordpress-post-name-url-sanitize-solution/
Also, you might want to do it as follows:
$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}");
$post_name = str_replace(' ', '-', str_replace($special_chars, '', strtolower($post_name)));
Related
I need to search those elements who have space " " in their attributes.
For example:
<unit href="http:xxxx/unit/2 ">
Suppose above code have space in the last for href attribute.
I have done this using FLOWER query. But I need this to be done using CTS functions. Please suggest.
For FLOWER query I have tried this:
let $x := (
for $d in doc()
order by $d//id
return
for $attribute in data($d//#href)
return
if (fn:contains($attribute," ")) then
<td>{(concat( "id = " , $d//id) ,", data =", $attribute)}</td>
else ()
)
return <tr>{$x}</tr>
This is working fine.
For CTS I have tried
let $query :=
cts:element-attribute-value-query(xs:QName("methodology"),
xs:QName("href"),
xs:string(" "),
"wildcarded")
let $search := cts:search(doc(), $query)
return fn:count($search)
Your query is looking for " " to be the entirety of the value of the attribute. If you want to look for attributes that contain a space, then you need to use wildcards. However, since there is no indexing of whitespace except for exact value queries (which are by definition not wildcarded), you are not going to get a lot of index support for that query, so you'll need to run this as a filtered search (which you have in your code above) with a lot of false positives.
You may be better off creating a string range index on the attribute and doing value-match on that.
How can I send this text correctly:
$parameters['text'] = 'you must see [example](example.com) or contact with #exmaple_com';
if I don't use "Markdown", telegram don't show the above link
if I use "Markdown", telegram can't handle underline.
you should use backslash scapes to do so:
$parameters['text'] = 'you must see [example](example.com) or contact with #exmaple\\_com';
When you set your parse_mode on Markdown or MarkdownV2, you can't use these characters directly:
()._-
You should escape them using backslash,
Also, you should escape backslash itself.
for example, in Golang I wrote this function to solve my problem:
func FmtTelegram(input string) string {
return strings.NewReplacer(
"(", "\\(", // ()_-. are reserved by telegram.
")", "\\)",
"_", "\\_",
".", "\\.",
"-", "\\-",
).Replace(input)
}
And in PHP you should escape like this:
$parameters['text'] = '\\_com';
# or
$parameters['text'] = '\\.com';
# or
$parameters['text'] = '\\-com';
# or
$parameters['text'] = '\\(com\\)';
In my Wordpress RSS Feed : http://hellobiz.fr/feed/
Apostrophes are replaced by "’" in
I need to use the true character: '
Do you have solution please ?
Thank you !
I actually fixed the problem, although it might not be the most correct/elegant solution.
In wp-includes/feed-functions.php
function get_the_title_rss() {
$title = get_the_title();
// $title = apply_filters('the_title', $title);
$title = apply_filters('the_title_rss', $title);
return $title;
Commenting out that line changed the offending "right single quotation mark" (aka ’) into the straight up and down apostrophe that apparently magpie can handle no problem.
Before I started digging in the code I was playing with the encoding, and was in for a HECK of a surprise when I changed it to UTF-16.
I am using this:
$description = token_replace('[node:field-description]', array('node' => $node));
in a php code that I have created for a rule. But when a description contains a quote it gives me a PHP Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING. I figure it's because the quote is messing things up.
So my question is how can I escape this token value with php??
try
str_replace('"', "", $node);
str_replace("'", "", $node);
as far as I rem node is not a string so make sure you use convert value.
I'm programming in Ruby, where convention often dictates spacing around curly brakets like so:
grades = { Rob: 82, Billy: 58 }
I have been trying to get Aptana to change it's auto braket completion feature to insert a space when I type '{' so that I end up with my cursor in the middle of two curly braces which already have space padding like so: { | }.
I have edited my ruby ruble smart_typing_pairs variable from
smart_typing_pairs['source.ruby'] = ['"', '"', '|', '|', '(', ')', '{', '}', '[', ']', "'", "'", '', '']
to
smart_typing_pairs['source.ruby'] = ['"', '"', '|', '|', '(', ')', '{', ' }', '[', ']', "'", "'", '', '']
(Notice the space in the second })
But this just breaks bracket completion for braces. I can't seem to find an automatic string replacement feature in Aptana either.
Can anyone give me any hints? Thanks!