stripslashes_deep( mixed $value )

Navigates through an array, object, or scalar, and removes slashes from the values.

Contents

Description Description

Parameters Parameters

$value

(mixed) (Required) The value to be stripped.

Top ↑

Return Return

(mixed) Stripped value.

Top ↑

Source Source

File: wp-includes/formatting.php 

function stripslashes_deep( $value ) {
	return map_deep( $value, 'stripslashes_from_strings_only' );
}

Expand full source code Collapse full source code View on Trac

Top ↑

Changelog Changelog

Changelog
Version Description
2.0.0 Introduced.

Top ↑

Top ↑

Uses Uses

Uses
Uses Description
wp-includes/formatting.php: map_deep()

Maps a function to all non-iterable elements of an array or an object.

Top ↑

Used By Used By

Used By
Used By Description
wp-includes/rest-api/class-wp-rest-request.php: WP_REST_Request::parse_body_params()

Parses the request body parameters.
wp-admin/includes/ajax-actions.php: wp_ajax_send_attachment_to_editor()

Ajax handler for sending an attachment to the editor.
wp-includes/formatting.php: wp_unslash()

Remove slashes from a string or array of strings.
wp-includes/formatting.php: wp_parse_str()

Parses a string into variables to be stored in an array.
wp-includes/load.php: wp_magic_quotes()

Add magic quotes to $_GET, $_POST, $_COOKIE, and $_SERVER.
wp-includes/class-wp-widget.php: WP_Widget::update_callback()

Handles changed settings (Do NOT override).
Show 1 more used by Hide more used by

Top ↑

User Contributed Notes User Contributed Notes

  1. Skip to note 1 content
    You must log in to vote on the helpfulness of this noteVote results for this note: 1You must log in to vote on the helpfulness of this note
    Contributed by Codex

    Good Coding Practice
    WordPress adds slashes to $_POST/$_GET/$_REQUEST/$_COOKIE regardless of what get_magic_quotes_gpc() returns. So in the context of WordPress, stripslashes() or stipslashes_deep() should always be used when using those variables.

    Example:

    $my_post = stripslashes_deep($_POST);
$my_value = $my_post['value'];

    Or:

    $my_value = stripslashes($_POST['value']);
  2. Skip to note 2 content
    You must log in to vote on the helpfulness of this noteVote results for this note: 0You must log in to vote on the helpfulness of this note
    Contributed by Codex

    Basic Example
    You may want this function when developing your own PHP application intended to run within the WordPress environment. Specifically, your program needs to strip slashes when data arrives via $_POST, $_GET, $_COOKIE, and $_REQUEST arrays.

    An example would be a “Contact Me” page and the ancillary program that sanitizes the user-supplied text. Such user inputs typically travel from an HTML to your program by way of the $_POST array. stripslashes_deep(), in that case, could be used thus (caution, see notes below):

    $_POST = stripslashes_deep( $_POST );

    The stripslashes_deep() function is recursive and will walk through the $_POST array even when some of the elements are themselves an array.

    Please note: WordPress Core and most plugins will still be expecting slashes, and the above code will confuse and break them. If you must unslash, consider only doing it to your own data which isn’t used by others:

    $your_own_data = stripslashes_deep( $_POST['your_own_data'] );

You must log in before being able to contribute a note or feedback.