bp_xprofile_escape_field_data( string $value, string $field_type, int $field_id )

Escape field value for display.

Description

Most field values are simply run through esc_html(). Those that support rich text (by default, textarea only) are sanitized using kses, which allows a whitelist of HTML tags.

Parameters

$value

(string) (Required) Field value.

$field_type

(string) (Required) Field type.

$field_id

(int) (Required) Field ID.

Return

(string)

Source

File: bp-xprofile/bp-xprofile-filters.php

function bp_xprofile_escape_field_data( $value, $field_type, $field_id ) {
	if ( bp_xprofile_is_richtext_enabled_for_field( $field_id ) ) {
		// The xprofile_filter_kses() expects a BP_XProfile_ProfileData object.
		$data_obj = null;
		if ( bp_is_user() ) {
			$data_obj = new BP_XProfile_ProfileData( $field_id, bp_displayed_user_id() );
		}

		$value = xprofile_filter_kses( $value, $data_obj );
	} else {
		$value = esc_html( $value );
	}

	return $value;
}

Changelog

Changelog
Version Description
BuddyPress 2.4.0 Introduced.

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.