wp_kses_attr_check( string $name, string $value, string $whole, string $vless, string $element, array $allowed_html )

Determine whether an attribute is allowed.


Parameters

$name

(Required) The attribute name. Returns empty string when not allowed.

$value

(Required) The attribute value. Returns a filtered value.

$whole

(Required) The name=value input. Returns filtered input.

$vless

(Required) 'y' when attribute like "enabled", otherwise 'n'.

$element

(Required) The name of the element to which this attribute belongs.

$allowed_html

(Required) The full list of allowed elements and attributes.


Return

(bool) Is the attribute allowed?


Source

File: wp-includes/kses.php

function wp_kses_attr_check( &$name, &$value, &$whole, $vless, $element, $allowed_html ) {
	$allowed_attr = $allowed_html[strtolower( $element )];

	$name_low = strtolower( $name );
	if ( ! isset( $allowed_attr[$name_low] ) || '' == $allowed_attr[$name_low] ) {
		$name = $value = $whole = '';
		return false;
	}

	if ( 'style' == $name_low ) {
		$new_value = safecss_filter_attr( $value );

		if ( empty( $new_value ) ) {
			$name = $value = $whole = '';
			return false;
		}

		$whole = str_replace( $value, $new_value, $whole );
		$value = $new_value;
	}

	if ( is_array( $allowed_attr[$name_low] ) ) {
		// there are some checks
		foreach ( $allowed_attr[$name_low] as $currkey => $currval ) {
			if ( ! wp_kses_check_attr_val( $value, $vless, $currkey, $currval ) ) {
				$name = $value = $whole = '';
				return false;
			}
		}
	}

	return true;
}


Changelog

Changelog
Version Description
WP-4.2.3 Introduced.