Make WordPress Core

Ticket #5641: kses.phpdoc.r6603.diff

File kses.phpdoc.r6603.diff, 25.4 KB (added by darkdragon, 17 years ago)

Complete phpdoc documentation for kses.php based off of r6603

  • kses.php

     
    11<?php
     2/**
     3 * HTML/XHTML filter that only allows some elements and attributes
     4 *
     5 * Added wp_ prefix to avoid conflicts with existing kses users
     6 *
     7 * @version 0.2.2
     8 * @copyright (C) 2002, 2003, 2005
     9 * @author Ulf Harnhammar <metaur@users.sourceforge.net>
     10 *
     11 * @package External
     12 * @subpackage KSES
     13 *
     14 * @internal
     15 * *** CONTACT INFORMATION ***
     16 * E-mail:      metaur at users dot sourceforge dot net
     17 * Web page:    http://sourceforge.net/projects/kses
     18 * Paper mail:  Ulf Harnhammar
     19 *              Ymergatan 17 C
     20 *              753 25  Uppsala
     21 *              SWEDEN
     22 *
     23 * [kses strips evil scripts!]
     24 */
    225
    3 // Added wp_ prefix to avoid conflicts with existing kses users
    4 # kses 0.2.2 - HTML/XHTML filter that only allows some elements and attributes
    5 # Copyright (C) 2002, 2003, 2005  Ulf Harnhammar
    6 # *** CONTACT INFORMATION ***
    7 #
    8 # E-mail:      metaur at users dot sourceforge dot net
    9 # Web page:    http://sourceforge.net/projects/kses
    10 # Paper mail:  Ulf Harnhammar
    11 #              Ymergatan 17 C
    12 #              753 25  Uppsala
    13 #              SWEDEN
    14 #
    15 # [kses strips evil scripts!]
     26/**
     27 * You can override this in your my-hacks.php file
     28 * You can also override this in a plugin file. The
     29 * my-hacks.php is deprecated in its usage.
     30 *
     31 * @since 1.2.0
     32 */
    1633if (!defined('CUSTOM_TAGS'))
    1734        define('CUSTOM_TAGS', false);
    1835
    19 // You can override this in your my-hacks.php file
    2036if (!CUSTOM_TAGS) {
     37        /**
     38         * Kses global for default allowable HTML tags
     39         *
     40         * Can be override by using CUSTOM_TAGS constant
     41         * @global array $allowedposttags
     42         * @since 2.0.0
     43         */
    2144        $allowedposttags = array(
    2245                'address' => array(),
    2346                'a' => array(
     
    183206                'var' => array()
    184207        );
    185208
     209        /**
     210         * Kses allowed HTML elements
     211         *
     212         * @global array $allowedtags
     213         * @since 1.0.0
     214         */
    186215        $allowedtags = array(
    187216                'a' => array(
    188217                        'href' => array(), 'title' => array()
     
    219248        );
    220249}
    221250
    222 function wp_kses($string, $allowed_html, $allowed_protocols = array ('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet'))
    223         ###############################################################################
    224                 # This function makes sure that only the allowed HTML element names, attribute
    225                 # names and attribute values plus only sane HTML entities will occur in
    226                 # $string. You have to remove any slashes from PHP's magic quotes before you
    227                 # call this function.
    228                 ###############################################################################
    229         {
     251/**
     252 * wp_kses() - Filters content and keeps only allowable HTML elements.
     253 *
     254 * This function makes sure that only the allowed HTML element names,
     255 * attribute names and attribute values plus only sane HTML entities
     256 * will occur in $string. You have to remove any slashes from PHP's
     257 * magic quotes before you call this function.
     258 *
     259 * The default allowed protocols are 'http', 'https', 'ftp', 'mailto',
     260 * 'news', 'irc', 'gopher', 'nntp', 'feed', and finally 'telnet. This
     261 * covers all common link protocols, except for 'javascript' which
     262 * should not be allowed for untrusted users.
     263 *
     264 * @since 1.0.0
     265 *
     266 * @param string $string Content to filter through kses
     267 * @param array $allowed_html List of allowed HTML elements
     268 * @param array $allowed_protocols Optional. Allowed protocol in links.
     269 * @return string Filtered content with only allowed HTML elements
     270 */
     271function wp_kses($string, $allowed_html, $allowed_protocols = array ('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet')) {
    230272        $string = wp_kses_no_null($string);
    231273        $string = wp_kses_js_entities($string);
    232274        $string = wp_kses_normalize_entities($string);
    233275        $allowed_html_fixed = wp_kses_array_lc($allowed_html);
    234276        $string = wp_kses_hook($string, $allowed_html_fixed, $allowed_protocols); // WP changed the order of these funcs and added args to wp_kses_hook
    235277        return wp_kses_split($string, $allowed_html_fixed, $allowed_protocols);
    236 } # function wp_kses
     278}
    237279
    238 function wp_kses_hook($string, $allowed_html, $allowed_protocols)
    239 ###############################################################################
    240 # You add any kses hooks here.
    241 ###############################################################################
    242 {
     280/**
     281 * wp_kses_hook() - You add any kses hooks here.
     282 *
     283 * There is currently only one kses WordPress hook and it is
     284 * called here. All parameters are passed to the hooks and
     285 * expected to recieve a string.
     286 *
     287 * @since 1.0.0
     288 *
     289 * @param string $string Content to filter through kses
     290 * @param array $allowed_html List of allowed HTML elements
     291 * @param array $allowed_protocols Allowed protocol in links
     292 * @return string Filtered content through 'pre_kses' hook
     293 */
     294function wp_kses_hook($string, $allowed_html, $allowed_protocols) {
    243295        $string = apply_filters('pre_kses', $string, $allowed_html, $allowed_protocols);
    244296        return $string;
    245 } # function wp_kses_hook
     297}
    246298
    247 function wp_kses_version()
    248 ###############################################################################
    249 # This function returns kses' version number.
    250 ###############################################################################
    251 {
     299/**
     300 * wp_kses_version() - This function returns kses' version number.
     301 *
     302 * @since 1.0.0
     303 *
     304 * @return string Version Number
     305 */
     306function wp_kses_version() {
    252307        return '0.2.2';
    253 } # function wp_kses_version
     308}
    254309
    255 function wp_kses_split($string, $allowed_html, $allowed_protocols)
    256 ###############################################################################
    257 # This function searches for HTML tags, no matter how malformed. It also
    258 # matches stray ">" characters.
    259 ###############################################################################
    260 {
     310/**
     311 * wp_kses_split() - Searches for HTML tags, no matter how malformed
     312 *
     313 * It also matches stray ">" characters.
     314 *
     315 * @since 1.0.0
     316 *
     317 * @param string $string Content to filter
     318 * @param array $allowed_html Allowed HTML elements
     319 * @param array $allowed_protocols Allowed protocols to keep
     320 * @return string Content with fixed HTML tags
     321 */
     322function wp_kses_split($string, $allowed_html, $allowed_protocols) {
    261323        return preg_replace('%((<!--.*?(-->|$))|(<[^>]*(>|$)|>))%e',
    262324        "wp_kses_split2('\\1', \$allowed_html, ".'$allowed_protocols)', $string);
    263 } # function wp_kses_split
     325}
    264326
    265 function wp_kses_split2($string, $allowed_html, $allowed_protocols)
    266 ###############################################################################
    267 # This function does a lot of work. It rejects some very malformed things
    268 # like <:::>. It returns an empty string, if the element isn't allowed (look
    269 # ma, no strip_tags()!). Otherwise it splits the tag into an element and an
    270 # attribute list.
    271 ###############################################################################
    272 {
     327/**
     328 * wp_kses_split2() - Callback for wp_kses_split for fixing malformed HTML tags
     329 *
     330 * This function does a lot of work. It rejects some very malformed things
     331 * like <:::>. It returns an empty string, if the element isn't allowed (look
     332 * ma, no strip_tags()!). Otherwise it splits the tag into an element and an
     333 * attribute list.
     334 *
     335 * After the tag is split into an element and an attribute list, it is run
     336 * through another filter which will remove illegal attributes and once
     337 * that is completed, will be returned.
     338 *
     339 * @since 1.0.0
     340 * @uses wp_kses_attr()
     341 *
     342 * @param string $string Content to filter
     343 * @param array $allowed_html Allowed HTML elements
     344 * @param array $allowed_protocols Allowed protocols to keep
     345 * @return string Fixed HTML element
     346 */
     347function wp_kses_split2($string, $allowed_html, $allowed_protocols) {
    273348        $string = wp_kses_stripslashes($string);
    274349
    275350        if (substr($string, 0, 1) != '<')
     
    303378        # No attributes are allowed for closing elements
    304379
    305380        return wp_kses_attr("$slash$elem", $attrlist, $allowed_html, $allowed_protocols);
    306 } # function wp_kses_split2
     381}
    307382
     383/**
     384 * wp_kses_attr() - Removes all attributes, if none are allowed for this element
     385 *
     386 * If some are allowed it calls wp_kses_hair() to split them further, and then
     387 * it builds up new HTML code from the data that kses_hair() returns. It also
     388 * removes "<" and ">" characters, if there are any left. One more thing it
     389 * does is to check if the tag has a closing XHTML slash, and if it does, it
     390 * puts one in the returned code as well.
     391 *
     392 * @since 1.0.0
     393 *
     394 * @param string $element HTML element/tag
     395 * @param string $attr HTML attributes from HTML element to closing HTML element tag
     396 * @param array $allowed_html Allowed HTML elements
     397 * @param array $allowed_protocols Allowed protocols to keep
     398 * @return string Sanitized HTML element
     399 */
    308400function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols)
    309 ###############################################################################
    310 # This function removes all attributes, if none are allowed for this element.
    311 # If some are allowed it calls wp_kses_hair() to split them further, and then it
    312 # builds up new HTML code from the data that kses_hair() returns. It also
    313 # removes "<" and ">" characters, if there are any left. One more thing it
    314 # does is to check if the tag has a closing XHTML slash, and if it does,
    315 # it puts one in the returned code as well.
    316 ###############################################################################
    317401{
    318402        # Is there a closing XHTML slash at the end of the attributes?
    319403
     
    366450        $attr2 = preg_replace('/[<>]/', '', $attr2);
    367451
    368452        return "<$element$attr2$xhtml_slash>";
    369 } # function wp_kses_attr
     453}
    370454
     455/**
     456 * wp_kses_hair() - Builds an attribute list from string containing attributes.
     457 *
     458 * This function does a lot of work. It parses an attribute list into an array
     459 * with attribute data, and tries to do the right thing even if it gets weird
     460 * input. It will add quotes around attribute values that don't have any quotes
     461 * or apostrophes around them, to make it easier to produce HTML code that will
     462 * conform to W3C's HTML specification. It will also remove bad URL protocols
     463 * from attribute values.
     464 *
     465 * @since 1.0.0
     466 *
     467 * @param string $attr Attribute list from HTML element to closing HTML element tag
     468 * @param array $allowed_protocols Allowed protocols to keep
     469 * @return array List of attributes after parsing
     470 */
    371471function wp_kses_hair($attr, $allowed_protocols)
    372 ###############################################################################
    373 # This function does a lot of work. It parses an attribute list into an array
    374 # with attribute data, and tries to do the right thing even if it gets weird
    375 # input. It will add quotes around attribute values that don't have any quotes
    376 # or apostrophes around them, to make it easier to produce HTML code that will
    377 # conform to W3C's HTML specification. It will also remove bad URL protocols
    378 # from attribute values.
    379 ###############################################################################
    380472{
    381473        $attrarr = array ();
    382474        $mode = 0;
     
    460552                } # switch
    461553
    462554                if ($working == 0) # not well formed, remove and try again
    463                         {
     555                {
    464556                        $attr = wp_kses_html_error($attr);
    465557                        $mode = 0;
    466558                }
     
    472564                $attrarr[] = array ('name' => $attrname, 'value' => '', 'whole' => $attrname, 'vless' => 'y');
    473565
    474566        return $attrarr;
    475 } # function wp_kses_hair
     567}
    476568
     569/**
     570 * wp_kses_check_attr_val() - Performs different checks for attribute values.
     571 *
     572 * The currently implemented checks are "maxlen", "minlen", "maxval", "minval"
     573 * and "valueless" with even more checks to come soon.
     574 *
     575 * @since 1.0.0
     576 *
     577 * @param string $value Attribute value
     578 * @param string $vless Whether the value is valueless or not. Use 'y' or 'n'
     579 * @param string $checkname What $checkvalue is checking for.
     580 * @param mixed $checkvalue What constraint the value should pass
     581 * @return bool Whether check passes (true) or not (false)
     582 */
    477583function wp_kses_check_attr_val($value, $vless, $checkname, $checkvalue)
    478 ###############################################################################
    479 # This function performs different checks for attribute values. The currently
    480 # implemented checks are "maxlen", "minlen", "maxval", "minval" and "valueless"
    481 # with even more checks to come soon.
    482 ###############################################################################
    483584{
    484585        $ok = true;
    485586
     
    536637        } # switch
    537638
    538639        return $ok;
    539 } # function wp_kses_check_attr_val
     640}
    540641
     642/**
     643 * wp_kses_bad_protocol() - Sanitize string from bad protocols
     644 *
     645 * This function removes all non-allowed protocols from the beginning
     646 * of $string. It ignores whitespace and the case of the letters, and
     647 * it does understand HTML entities. It does its work in a while loop,
     648 * so it won't be fooled by a string like "javascript:javascript:alert(57)".
     649 *
     650 * @since 1.0.0
     651 *
     652 * @param string $string Content to filter bad protocols from
     653 * @param array $allowed_protocols Allowed protocols to keep
     654 * @return string Filtered content
     655 */
    541656function wp_kses_bad_protocol($string, $allowed_protocols)
    542 ###############################################################################
    543 # This function removes all non-allowed protocols from the beginning of
    544 # $string. It ignores whitespace and the case of the letters, and it does
    545 # understand HTML entities. It does its work in a while loop, so it won't be
    546 # fooled by a string like "javascript:javascript:alert(57)".
    547 ###############################################################################
    548657{
    549658        $string = wp_kses_no_null($string);
    550659        $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
     
    556665        } # while
    557666
    558667        return $string;
    559 } # function wp_kses_bad_protocol
     668}
    560669
     670/**
     671 * wp_kses_no_null() - Removes any NULL characters in $string.
     672 *
     673 * @since 1.0.0
     674 *
     675 * @param string $string
     676 * @return string
     677 */
    561678function wp_kses_no_null($string)
    562 ###############################################################################
    563 # This function removes any NULL characters in $string.
    564 ###############################################################################
    565679{
    566680        $string = preg_replace('/\0+/', '', $string);
    567681        $string = preg_replace('/(\\\\0)+/', '', $string);
    568682
    569683        return $string;
    570 } # function wp_kses_no_null
     684}
    571685
     686/**
     687 * wp_kses_stripslashes() - Strips slashes from in front of quotes
     688 *
     689 * This function changes the character sequence  \"  to just  "
     690 * It leaves all other slashes alone. It's really weird, but the
     691 * quoting from preg_replace(//e) seems to require this.
     692 *
     693 * @since 1.0.0
     694 *
     695 * @param string $string String to strip slashes
     696 * @return string Fixed strings with quoted slashes
     697 */
    572698function wp_kses_stripslashes($string)
    573 ###############################################################################
    574 # This function changes the character sequence  \"  to just  "
    575 # It leaves all other slashes alone. It's really weird, but the quoting from
    576 # preg_replace(//e) seems to require this.
    577 ###############################################################################
    578699{
    579700        return preg_replace('%\\\\"%', '"', $string);
    580 } # function wp_kses_stripslashes
     701}
    581702
     703/**
     704 * wp_kses_array_lc() - Goes through an array and changes the keys to all lower case.
     705 *
     706 * @since 1.0.0
     707 *
     708 * @param array $inarray Unfiltered array
     709 * @return array Fixed array with all lowercase keys
     710 */
    582711function wp_kses_array_lc($inarray)
    583 ###############################################################################
    584 # This function goes through an array, and changes the keys to all lower case.
    585 ###############################################################################
    586712{
    587713        $outarray = array ();
    588714
     
    597723        } # foreach $inarray
    598724
    599725        return $outarray;
    600 } # function wp_kses_array_lc
     726}
    601727
    602 function wp_kses_js_entities($string)
    603 ###############################################################################
    604 # This function removes the HTML JavaScript entities found in early versions of
    605 # Netscape 4.
    606 ###############################################################################
    607 {
     728/**
     729 * wp_kses_js_entities() - Removes the HTML JavaScript entities found in early versions of Netscape 4.
     730 *
     731 * @since 1.0.0
     732 *
     733 * @param string $string
     734 * @return string
     735 */
     736function wp_kses_js_entities($string) {
    608737        return preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string);
    609 } # function wp_kses_js_entities
     738}
    610739
    611 function wp_kses_html_error($string)
    612 ###############################################################################
    613 # This function deals with parsing errors in wp_kses_hair(). The general plan is
    614 # to remove everything to and including some whitespace, but it deals with
    615 # quotes and apostrophes as well.
    616 ###############################################################################
    617 {
     740/**
     741 * wp_kses_html_error() - Handles parsing errors in wp_kses_hair()
     742 *
     743 * The general plan is to remove everything to and including some
     744 * whitespace, but it deals with quotes and apostrophes as well.
     745 *
     746 * @since 1.0.0
     747 *
     748 * @param string $string
     749 * @return string
     750 */
     751function wp_kses_html_error($string) {
    618752        return preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $string);
    619 } # function wp_kses_html_error
     753}
    620754
    621 function wp_kses_bad_protocol_once($string, $allowed_protocols)
    622 ###############################################################################
    623 # This function searches for URL protocols at the beginning of $string, while
    624 # handling whitespace and HTML entities.
    625 ###############################################################################
    626 {
     755/**
     756 * wp_kses_bad_protocol_once() - Sanitizes content from bad protocols and other characters
     757 *
     758 * This function searches for URL protocols at the beginning of $string,
     759 * while handling whitespace and HTML entities.
     760 *
     761 * @since 1.0.0
     762 *
     763 * @param string $string Content to check for bad protocols
     764 * @param string $allowed_protocols Allowed protocols
     765 * @return string Sanitized content
     766 */
     767function wp_kses_bad_protocol_once($string, $allowed_protocols) {
    627768        return preg_replace('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|&#58;|&#[Xx]3[Aa];)\s*/e', 'wp_kses_bad_protocol_once2("\\1", $allowed_protocols)', $string);
    628 } # function wp_kses_bad_protocol_once
     769}
    629770
    630 function wp_kses_bad_protocol_once2($string, $allowed_protocols)
    631 ###############################################################################
    632 # This function processes URL protocols, checks to see if they're in the white-
    633 # list or not, and returns different data depending on the answer.
    634 ###############################################################################
    635 {
     771/**
     772 * wp_kses_bad_protocol_once2() - Callback for wp_kses_bad_protocol_once() regular expression.
     773 *
     774 * This function processes URL protocols, checks to see if they're in the
     775 * white-list or not, and returns different data depending on the answer.
     776 *
     777 * @since 1.0.0
     778 *
     779 * @param string $string Content to check for bad protocols
     780 * @param array $allowed_protocols Allowed protocols
     781 * @return string Sanitized content
     782 */
     783function wp_kses_bad_protocol_once2($string, $allowed_protocols) {
    636784        $string2 = wp_kses_decode_entities($string);
    637785        $string2 = preg_replace('/\s/', '', $string2);
    638786        $string2 = wp_kses_no_null($string2);
     
    651799                return "$string2:";
    652800        else
    653801                return '';
    654 } # function wp_kses_bad_protocol_once2
     802}
    655803
    656 function wp_kses_normalize_entities($string)
    657 ###############################################################################
    658 # This function normalizes HTML entities. It will convert "AT&T" to the correct
    659 # "AT&amp;T", "&#00058;" to "&#58;", "&#XYZZY;" to "&amp;#XYZZY;" and so on.
    660 ###############################################################################
    661 {
     804/**
     805 * wp_kses_normalize_entities() - Converts and fixes HTML entities
     806 *
     807 * This function normalizes HTML entities. It will convert "AT&T" to the
     808 * correct "AT&amp;T", "&#00058;" to "&#58;", "&#XYZZY;" to "&amp;#XYZZY;"
     809 * and so on.
     810 *
     811 * @since 1.0.0
     812 *
     813 * @param string $string Content to normalize entities
     814 * @return string Content with normalized entities
     815 */
     816function wp_kses_normalize_entities($string) {
    662817        # Disarm all entities by converting & to &amp;
    663818
    664819        $string = str_replace('&', '&amp;', $string);
     
    670825        $string = preg_replace('/&amp;#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', '&#\\1\\2;', $string);
    671826
    672827        return $string;
    673 } # function wp_kses_normalize_entities
     828}
    674829
    675 function wp_kses_normalize_entities2($i)
    676 ###############################################################################
    677 # This function helps wp_kses_normalize_entities() to only accept 16 bit values
    678 # and nothing more for &#number; entities.
    679 ###############################################################################
    680 {
     830/**
     831 * wp_kses_normalize_entities2() - Callback for wp_kses_normalize_entities() regular expression
     832 *
     833 * This function helps wp_kses_normalize_entities() to only accept 16 bit
     834 * values and nothing more for &#number; entities.
     835 *
     836 * @since 1.0.0
     837 *
     838 * @param int $i Number encoded entity
     839 * @return string Correctly encoded entity
     840 */
     841function wp_kses_normalize_entities2($i) {
    681842        return (($i > 65535) ? "&amp;#$i;" : "&#$i;");
    682 } # function wp_kses_normalize_entities2
     843}
    683844
    684 function wp_kses_decode_entities($string)
    685 ###############################################################################
    686 # This function decodes numeric HTML entities (&#65; and &#x41;). It doesn't
    687 # do anything with other entities like &auml;, but we don't need them in the
    688 # URL protocol whitelisting system anyway.
    689 ###############################################################################
    690 {
     845/**
     846 * wp_kses_decode_entities() - Convert all entities to their character counterparts.
     847 *
     848 * This function decodes numeric HTML entities (&#65; and &#x41;). It
     849 * doesn't do anything with other entities like &auml;, but we don't need
     850 * them in the URL protocol whitelisting system anyway.
     851 *
     852 * @since 1.0.0
     853 *
     854 * @param string $string Content to change entities
     855 * @return string Content after decoded entities
     856 */
     857function wp_kses_decode_entities($string) {
    691858        $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
    692859        $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string);
    693860
    694861        return $string;
    695 } # function wp_kses_decode_entities
     862}
    696863
     864/**
     865 * wp_filter_kses() - Sanitize content with allowed HTML Kses rules
     866 *
     867 * @since 1.0.0
     868 * @uses $allowedtags
     869 *
     870 * @param string $data Content to filter
     871 * @return string Filtered content
     872 */
    697873function wp_filter_kses($data) {
    698874        global $allowedtags;
    699875        return addslashes( wp_kses(stripslashes( $data ), $allowedtags) );
    700876}
    701877
     878/**
     879 * wp_filter_post_kses() - Sanitize content for allowed HTML tags for post content
     880 *
     881 * Post content refers to the page contents of the 'post' type and not
     882 * $_POST data from forms.
     883 *
     884 * @since 2.0.0
     885 * @uses $allowedposttags
     886 *
     887 * @param string $data Post content to filter
     888 * @return string Filtered post content with allowed HTML tags and attributes intact.
     889 */
    702890function wp_filter_post_kses($data) {
    703891        global $allowedposttags;
    704892        return addslashes ( wp_kses(stripslashes( $data ), $allowedposttags) );
    705893}
    706894
     895/**
     896 * wp_filter_nohtml_kses() - Strips all of the HTML in the content
     897 *
     898 * @since 2.1.0
     899 *
     900 * @param string $data Content to strip all HTML from
     901 * @return string Filtered content without any HTML
     902 */
    707903function wp_filter_nohtml_kses($data) {
    708904        return addslashes ( wp_kses(stripslashes( $data ), array()) );
    709905}
    710906
     907/**
     908 * kses_init_filters() - Adds all Kses input form content filters
     909 *
     910 * All hooks have default priority. The wp_filter_kses() fucntion
     911 * is added to the 'pre_comment_content' and 'title_save_pre'
     912 * hooks. The wp_filter_post_kses() function is added to the
     913 * 'content_save_pre', 'excerpt_save_pre', and 'content_filtered_save_pre'
     914 * hooks.
     915 *
     916 * @since 2.0.0
     917 * @uses add_filter() See description for what functions are added to what hooks.
     918 */
    711919function kses_init_filters() {
    712920        // Normal filtering.
    713921        add_filter('pre_comment_content', 'wp_filter_kses');
     
    719927        add_filter('content_filtered_save_pre', 'wp_filter_post_kses');
    720928}
    721929
     930/**
     931 * kses_remove_filters() - Removes all Kses input form content filters
     932 *
     933 * A quick procedural method to removing all of the filters
     934 * that kses uses for content in WordPress Loop.
     935 *
     936 * Does not remove the kses_init() function from 'init' hook
     937 * (priority is default). Also does not remove kses_init()
     938 * function from 'set_current_user' hook (priority is also
     939 * default).
     940 *
     941 * @since 2.0.6
     942 */
    722943function kses_remove_filters() {
    723944        // Normal filtering.
    724945        remove_filter('pre_comment_content', 'wp_filter_kses');
     
    730951        remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
    731952}
    732953
     954/**
     955 * kses_init() - Sets up most of the Kses filters for input form content
     956 *
     957 * If you remove the kses_init() function from 'init' hook and
     958 * 'set_current_user' (priority is default), then none of the
     959 * Kses filter hooks will be added.
     960 *
     961 * First removes all of the Kses filters in case the current user
     962 * does not need to have Kses filter the content. If the user does
     963 * not have unfiltered html capability, then Kses filters are added.
     964 *
     965 * @uses kses_remove_filters() Removes the Kses filters
     966 * @uses kses_init_filters() Adds the Kses filters back if the user
     967 *              does not have unfiltered HTML capability.
     968 * @since 2.0.0
     969 */
    733970function kses_init() {
    734971        kses_remove_filters();
    735972
     
    739976
    740977add_action('init', 'kses_init');
    741978add_action('set_current_user', 'kses_init');
    742 ?>
     979?>
     980 No newline at end of file