acf/removed_unsafe_html

acf/removed_unsafe_html

Hook Type: action

See hook in core

Displaying hooks found in version: advanced-custom-fields.6.3.6.3

do_action('acf/removed_unsafe_html') is found 3 times:

  • /includes/api/api-template.php line 126
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
        $field_type = is_array( $field ) && isset( $field['type'] ) ? $field['type'] : 'text';
        if ( apply_filters( 'acf/the_field/allow_unsafe_html', false, $selector, $post_id, $field_type, $field ) ) {
            $value = $unescaped_value;
        } elseif ( $unescaped_value !== false && (string) $value !== (string) $unescaped_value ) {
            do_action( 'acf/removed_unsafe_html', __FUNCTION__, $selector, $field, $post_id );
        }
     
        echo $value; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- escaped by logic above.
    }
     
    /**
  • /includes/api/api-template.php line 904
    900
    901
    902
    903
    904
    905
    906
    907
    908
        $field_type = is_array( $field ) && isset( $field['type'] ) ? $field['type'] : 'text';
        if ( apply_filters( 'acf/the_field/allow_unsafe_html', false, $field_name, 'sub_field', $field_type, $field ) ) {
            $value = $unescaped_value;
        } elseif ( $unescaped_value !== false && (string) $value !== (string) $unescaped_value ) {
            do_action( 'acf/removed_unsafe_html', __FUNCTION__, $field_name, $field, false );
        }
     
        echo $value; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- escaped inside get_sub_field_object where necessary.
    }
  • /includes/api/api-template.php line 1119
    1115
    1116
    1117
    1118
    1119
    1120
    1121
    1122
    1123
    1124
        // Handle getting the unescaped version if we're allowed unsafe html.
        if ( apply_filters( 'acf/shortcode/allow_unsafe_html', false, $atts, $field_type, $field ) ) {
            $value = $unescaped_value;
        } elseif ( $unescaped_value !== false && (string) $value !== (string) $unescaped_value ) {
            do_action( 'acf/removed_unsafe_html', __FUNCTION__, $atts['field'], $field, $post_id );
        }
     
        return $value;
    }
    add_shortcode( 'acf', 'acf_shortcode' );