+ return $string;
+}
+
+/**
+ * Sanitizes a filename, replacing whitespace with dashes.
+ *
+ * Removes special characters that are illegal in filenames on certain
+ * operating systems and special characters requiring special escaping
+ * to manipulate at the command line. Replaces spaces and consecutive
+ * dashes with a single dash. Trims period, dash and underscore from beginning
+ * and end of filename.
+ *
+ * @since 2.1.0
+ *
+ * @param string $filename The filename to be sanitized
+ * @return string The sanitized filename
+ */
+function sanitize_file_name( $filename ) {
+ $filename_raw = $filename;
+ $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
+ /**
+ * Filter the list of characters to remove from a filename.
+ *
+ * @since 2.8.0
+ *
+ * @param array $special_chars Characters to remove.
+ * @param string $filename_raw Filename as it was passed into sanitize_file_name().
+ */
+ $special_chars = apply_filters( 'sanitize_file_name_chars', $special_chars, $filename_raw );
+ $filename = preg_replace( "#\x{00a0}#siu", ' ', $filename );
+ $filename = str_replace( $special_chars, '', $filename );
+ $filename = str_replace( array( '%20', '+' ), '-', $filename );
+ $filename = preg_replace( '/[\r\n\t -]+/', '-', $filename );
+ $filename = trim( $filename, '.-_' );
+
+ // Split the filename into a base and extension[s]
+ $parts = explode('.', $filename);
+
+ // Return if only one extension
+ if ( count( $parts ) <= 2 ) {
+ /**
+ * Filter a sanitized filename string.
+ *
+ * @since 2.8.0
+ *
+ * @param string $filename Sanitized filename.
+ * @param string $filename_raw The filename prior to sanitization.
+ */
+ return apply_filters( 'sanitize_file_name', $filename, $filename_raw );
+ }
+
+ // Process multiple extensions
+ $filename = array_shift($parts);
+ $extension = array_pop($parts);
+ $mimes = get_allowed_mime_types();
+
+ /*
+ * Loop over any intermediate extensions. Postfix them with a trailing underscore
+ * if they are a 2 - 5 character long alpha string not in the extension whitelist.
+ */
+ foreach ( (array) $parts as $part) {
+ $filename .= '.' . $part;
+
+ if ( preg_match("/^[a-zA-Z]{2,5}\d?$/", $part) ) {
+ $allowed = false;
+ foreach ( $mimes as $ext_preg => $mime_match ) {
+ $ext_preg = '!^(' . $ext_preg . ')$!i';
+ if ( preg_match( $ext_preg, $part ) ) {
+ $allowed = true;
+ break;
+ }
+ }
+ if ( !$allowed )
+ $filename .= '_';
+ }
+ }
+ $filename .= '.' . $extension;
+ /** This filter is documented in wp-includes/formatting.php */
+ return apply_filters('sanitize_file_name', $filename, $filename_raw);
+}
+
+/**
+ * Sanitizes a username, stripping out unsafe characters.
+ *
+ * Removes tags, octets, entities, and if strict is enabled, will only keep
+ * alphanumeric, _, space, ., -, @. After sanitizing, it passes the username,
+ * raw username (the username in the parameter), and the value of $strict as
+ * parameters for the 'sanitize_user' filter.
+ *
+ * @since 2.0.0
+ *
+ * @param string $username The username to be sanitized.
+ * @param bool $strict If set limits $username to specific characters. Default false.
+ * @return string The sanitized username, after passing through filters.
+ */
+function sanitize_user( $username, $strict = false ) {
+ $raw_username = $username;
+ $username = wp_strip_all_tags( $username );
+ $username = remove_accents( $username );
+ // Kill octets
+ $username = preg_replace( '|%([a-fA-F0-9][a-fA-F0-9])|', '', $username );
+ $username = preg_replace( '/&.+?;/', '', $username ); // Kill entities
+
+ // If strict, reduce to ASCII for max portability.
+ if ( $strict )
+ $username = preg_replace( '|[^a-z0-9 _.\-@]|i', '', $username );
+
+ $username = trim( $username );
+ // Consolidate contiguous whitespace
+ $username = preg_replace( '|\s+|', ' ', $username );
+
+ /**
+ * Filter a sanitized username string.
+ *
+ * @since 2.0.1
+ *
+ * @param string $username Sanitized username.
+ * @param string $raw_username The username prior to sanitization.
+ * @param bool $strict Whether to limit the sanitization to specific characters. Default false.
+ */
+ return apply_filters( 'sanitize_user', $username, $raw_username, $strict );
+}
+
+/**
+ * Sanitizes a string key.
+ *
+ * Keys are used as internal identifiers. Lowercase alphanumeric characters, dashes and underscores are allowed.
+ *
+ * @since 3.0.0
+ *
+ * @param string $key String key
+ * @return string Sanitized key
+ */
+function sanitize_key( $key ) {
+ $raw_key = $key;
+ $key = strtolower( $key );
+ $key = preg_replace( '/[^a-z0-9_\-]/', '', $key );
+
+ /**
+ * Filter a sanitized key string.
+ *
+ * @since 3.0.0
+ *
+ * @param string $key Sanitized key.
+ * @param string $raw_key The key prior to sanitization.
+ */
+ return apply_filters( 'sanitize_key', $key, $raw_key );
+}
+
+/**
+ * Sanitizes a title, or returns a fallback title.
+ *
+ * Specifically, HTML and PHP tags are stripped. Further actions can be added
+ * via the plugin API. If $title is empty and $fallback_title is set, the latter
+ * will be used.
+ *
+ * @since 1.0.0
+ *
+ * @param string $title The string to be sanitized.
+ * @param string $fallback_title Optional. A title to use if $title is empty.
+ * @param string $context Optional. The operation for which the string is sanitized
+ * @return string The sanitized string.
+ */
+function sanitize_title( $title, $fallback_title = '', $context = 'save' ) {
+ $raw_title = $title;
+
+ if ( 'save' == $context )
+ $title = remove_accents($title);
+
+ /**
+ * Filter a sanitized title string.
+ *
+ * @since 1.2.0
+ *
+ * @param string $title Sanitized title.
+ * @param string $raw_title The title prior to sanitization.
+ * @param string $context The context for which the title is being sanitized.
+ */
+ $title = apply_filters( 'sanitize_title', $title, $raw_title, $context );
+
+ if ( '' === $title || false === $title )
+ $title = $fallback_title;
+
+ return $title;
+}
+
+/**
+ * Sanitizes a title with the 'query' context.
+ *
+ * Used for querying the database for a value from URL.
+ *
+ * @since 3.1.0
+ *
+ * @param string $title The string to be sanitized.
+ * @return string The sanitized string.
+ */
+function sanitize_title_for_query( $title ) {
+ return sanitize_title( $title, '', 'query' );
+}
+
+/**
+ * Sanitizes a title, replacing whitespace and a few other characters with dashes.
+ *
+ * Limits the output to alphanumeric characters, underscore (_) and dash (-).
+ * Whitespace becomes a dash.
+ *
+ * @since 1.2.0
+ *
+ * @param string $title The title to be sanitized.
+ * @param string $raw_title Optional. Not used.
+ * @param string $context Optional. The operation for which the string is sanitized.
+ * @return string The sanitized title.
+ */
+function sanitize_title_with_dashes( $title, $raw_title = '', $context = 'display' ) {
+ $title = strip_tags($title);
+ // Preserve escaped octets.
+ $title = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '---$1---', $title);
+ // Remove percent signs that are not part of an octet.
+ $title = str_replace('%', '', $title);
+ // Restore octets.
+ $title = preg_replace('|---([a-fA-F0-9][a-fA-F0-9])---|', '%$1', $title);
+
+ if (seems_utf8($title)) {
+ if (function_exists('mb_strtolower')) {
+ $title = mb_strtolower($title, 'UTF-8');
+ }
+ $title = utf8_uri_encode($title, 200);
+ }
+
+ $title = strtolower($title);
+ $title = preg_replace('/&.+?;/', '', $title); // kill entities
+ $title = str_replace('.', '-', $title);
+
+ if ( 'save' == $context ) {
+ // Convert nbsp, ndash and mdash to hyphens
+ $title = str_replace( array( '%c2%a0', '%e2%80%93', '%e2%80%94' ), '-', $title );
+
+ // Strip these characters entirely
+ $title = str_replace( array(
+ // iexcl and iquest
+ '%c2%a1', '%c2%bf',
+ // angle quotes
+ '%c2%ab', '%c2%bb', '%e2%80%b9', '%e2%80%ba',
+ // curly quotes
+ '%e2%80%98', '%e2%80%99', '%e2%80%9c', '%e2%80%9d',
+ '%e2%80%9a', '%e2%80%9b', '%e2%80%9e', '%e2%80%9f',
+ // copy, reg, deg, hellip and trade
+ '%c2%a9', '%c2%ae', '%c2%b0', '%e2%80%a6', '%e2%84%a2',
+ // acute accents
+ '%c2%b4', '%cb%8a', '%cc%81', '%cd%81',
+ // grave accent, macron, caron
+ '%cc%80', '%cc%84', '%cc%8c',
+ ), '', $title );
+
+ // Convert times to x
+ $title = str_replace( '%c3%97', 'x', $title );
+ }
+
+ $title = preg_replace('/[^%a-z0-9 _-]/', '', $title);
+ $title = preg_replace('/\s+/', '-', $title);
+ $title = preg_replace('|-+|', '-', $title);
+ $title = trim($title, '-');
+
+ return $title;
+}
+
+/**
+ * Ensures a string is a valid SQL 'order by' clause.
+ *
+ * Accepts one or more columns, with or without a sort order (ASC / DESC).
+ * e.g. 'column_1', 'column_1, column_2', 'column_1 ASC, column_2 DESC' etc.
+ *
+ * Also accepts 'RAND()'.
+ *
+ * @since 2.5.1
+ *
+ * @param string $orderby Order by clause to be validated.
+ * @return string|false Returns $orderby if valid, false otherwise.
+ */
+function sanitize_sql_orderby( $orderby ) {
+ if ( preg_match( '/^\s*(([a-z0-9_]+|`[a-z0-9_]+`)(\s+(ASC|DESC))?\s*(,\s*(?=[a-z0-9_`])|$))+$/i', $orderby ) || preg_match( '/^\s*RAND\(\s*\)\s*$/i', $orderby ) ) {
+ return $orderby;
+ }
+ return false;
+}
+
+/**
+ * Sanitizes an HTML classname to ensure it only contains valid characters.
+ *
+ * Strips the string down to A-Z,a-z,0-9,_,-. If this results in an empty
+ * string then it will return the alternative value supplied.
+ *
+ * @todo Expand to support the full range of CDATA that a class attribute can contain.
+ *
+ * @since 2.8.0
+ *
+ * @param string $class The classname to be sanitized
+ * @param string $fallback Optional. The value to return if the sanitization ends up as an empty string.
+ * Defaults to an empty string.
+ * @return string The sanitized value
+ */
+function sanitize_html_class( $class, $fallback = '' ) {
+ //Strip out any % encoded octets
+ $sanitized = preg_replace( '|%[a-fA-F0-9][a-fA-F0-9]|', '', $class );
+
+ //Limit to A-Z,a-z,0-9,_,-
+ $sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $sanitized );
+
+ if ( '' == $sanitized )
+ $sanitized = $fallback;
+
+ /**
+ * Filter a sanitized HTML class string.
+ *
+ * @since 2.8.0
+ *
+ * @param string $sanitized The sanitized HTML class.
+ * @param string $class HTML class before sanitization.
+ * @param string $fallback The fallback string.
+ */
+ return apply_filters( 'sanitize_html_class', $sanitized, $class, $fallback );
+}
+
+/**
+ * Converts lone & characters into `&` (a.k.a. `&`)
+ *
+ * @since 0.71
+ *
+ * @param string $content String of characters to be converted.
+ * @param string $deprecated Not used.
+ * @return string Converted string.
+ */
+function convert_chars( $content, $deprecated = '' ) {
+ if ( ! empty( $deprecated ) ) {
+ _deprecated_argument( __FUNCTION__, '0.71' );
+ }
+
+ if ( strpos( $content, '&' ) !== false ) {
+ $content = preg_replace( '/&([^#])(?![a-z1-4]{1,8};)/i', '&$1', $content );
+ }
+
+ return $content;
+}
+
+/**
+ * Converts invalid Unicode references range to valid range.
+ *
+ * @since 4.3.0
+ *
+ * @param string $content String with entities that need converting.
+ * @return string Converted string.
+ */
+function convert_invalid_entities( $content ) {
+ $wp_htmltranswinuni = array(
+ '€' => '€', // the Euro sign
+ '' => '',
+ '‚' => '‚', // these are Windows CP1252 specific characters
+ 'ƒ' => 'ƒ', // they would look weird on non-Windows browsers
+ '„' => '„',
+ '…' => '…',
+ '†' => '†',
+ '‡' => '‡',
+ 'ˆ' => 'ˆ',
+ '‰' => '‰',
+ 'Š' => 'Š',
+ '‹' => '‹',
+ 'Œ' => 'Œ',
+ '' => '',
+ 'Ž' => 'Ž',
+ '' => '',
+ '' => '',
+ '‘' => '‘',
+ '’' => '’',
+ '“' => '“',
+ '”' => '”',
+ '•' => '•',
+ '–' => '–',
+ '—' => '—',
+ '˜' => '˜',
+ '™' => '™',
+ 'š' => 'š',
+ '›' => '›',
+ 'œ' => 'œ',
+ '' => '',
+ 'ž' => 'ž',
+ 'Ÿ' => 'Ÿ'
+ );
+
+ if ( strpos( $content, '' ) !== false ) {
+ $content = strtr( $content, $wp_htmltranswinuni );
+ }
+
+ return $content;
+}
+
+/**
+ * Balances tags if forced to, or if the 'use_balanceTags' option is set to true.
+ *
+ * @since 0.71
+ *
+ * @param string $text Text to be balanced
+ * @param bool $force If true, forces balancing, ignoring the value of the option. Default false.
+ * @return string Balanced text
+ */
+function balanceTags( $text, $force = false ) {
+ if ( $force || get_option('use_balanceTags') == 1 ) {
+ return force_balance_tags( $text );
+ } else {
+ return $text;
+ }
+}
+
+/**
+ * Balances tags of string using a modified stack.
+ *
+ * @since 2.0.4
+ *
+ * @author Leonard Lin <leonard@acm.org>
+ * @license GPL
+ * @copyright November 4, 2001
+ * @version 1.1
+ * @todo Make better - change loop condition to $text in 1.2
+ * @internal Modified by Scott Reilly (coffee2code) 02 Aug 2004
+ * 1.1 Fixed handling of append/stack pop order of end text
+ * Added Cleaning Hooks
+ * 1.0 First Version
+ *
+ * @param string $text Text to be balanced.
+ * @return string Balanced text.
+ */
+function force_balance_tags( $text ) {
+ $tagstack = array();
+ $stacksize = 0;
+ $tagqueue = '';
+ $newtext = '';
+ // Known single-entity/self-closing tags
+ $single_tags = array( 'area', 'base', 'basefont', 'br', 'col', 'command', 'embed', 'frame', 'hr', 'img', 'input', 'isindex', 'link', 'meta', 'param', 'source' );
+ // Tags that can be immediately nested within themselves
+ $nestable_tags = array( 'blockquote', 'div', 'object', 'q', 'span' );
+
+ // WP bug fix for comments - in case you REALLY meant to type '< !--'
+ $text = str_replace('< !--', '< !--', $text);
+ // WP bug fix for LOVE <3 (and other situations with '<' before a number)
+ $text = preg_replace('#<([0-9]{1})#', '<$1', $text);
+
+ while ( preg_match("/<(\/?[\w:]*)\s*([^>]*)>/", $text, $regex) ) {
+ $newtext .= $tagqueue;
+
+ $i = strpos($text, $regex[0]);
+ $l = strlen($regex[0]);
+
+ // clear the shifter
+ $tagqueue = '';
+ // Pop or Push
+ if ( isset($regex[1][0]) && '/' == $regex[1][0] ) { // End Tag
+ $tag = strtolower(substr($regex[1],1));
+ // if too many closing tags
+ if ( $stacksize <= 0 ) {
+ $tag = '';
+ // or close to be safe $tag = '/' . $tag;
+ }
+ // if stacktop value = tag close value then pop
+ elseif ( $tagstack[$stacksize - 1] == $tag ) { // found closing tag
+ $tag = '</' . $tag . '>'; // Close Tag
+ // Pop
+ array_pop( $tagstack );
+ $stacksize--;
+ } else { // closing tag not at top, search for it
+ for ( $j = $stacksize-1; $j >= 0; $j-- ) {
+ if ( $tagstack[$j] == $tag ) {
+ // add tag to tagqueue
+ for ( $k = $stacksize-1; $k >= $j; $k--) {
+ $tagqueue .= '</' . array_pop( $tagstack ) . '>';
+ $stacksize--;
+ }
+ break;
+ }
+ }
+ $tag = '';
+ }
+ } else { // Begin Tag
+ $tag = strtolower($regex[1]);
+
+ // Tag Cleaning
+
+ // If it's an empty tag "< >", do nothing
+ if ( '' == $tag ) {
+ // do nothing
+ }
+ // ElseIf it presents itself as a self-closing tag...
+ elseif ( substr( $regex[2], -1 ) == '/' ) {
+ // ...but it isn't a known single-entity self-closing tag, then don't let it be treated as such and
+ // immediately close it with a closing tag (the tag will encapsulate no text as a result)
+ if ( ! in_array( $tag, $single_tags ) )
+ $regex[2] = trim( substr( $regex[2], 0, -1 ) ) . "></$tag";
+ }
+ // ElseIf it's a known single-entity tag but it doesn't close itself, do so
+ elseif ( in_array($tag, $single_tags) ) {
+ $regex[2] .= '/';
+ }
+ // Else it's not a single-entity tag
+ else {
+ // If the top of the stack is the same as the tag we want to push, close previous tag
+ if ( $stacksize > 0 && !in_array($tag, $nestable_tags) && $tagstack[$stacksize - 1] == $tag ) {
+ $tagqueue = '</' . array_pop( $tagstack ) . '>';
+ $stacksize--;
+ }
+ $stacksize = array_push( $tagstack, $tag );
+ }
+
+ // Attributes
+ $attributes = $regex[2];
+ if ( ! empty( $attributes ) && $attributes[0] != '>' )
+ $attributes = ' ' . $attributes;
+
+ $tag = '<' . $tag . $attributes . '>';
+ //If already queuing a close tag, then put this tag on, too
+ if ( !empty($tagqueue) ) {
+ $tagqueue .= $tag;
+ $tag = '';
+ }
+ }
+ $newtext .= substr($text, 0, $i) . $tag;
+ $text = substr($text, $i + $l);
+ }
+
+ // Clear Tag Queue
+ $newtext .= $tagqueue;
+
+ // Add Remaining text
+ $newtext .= $text;
+
+ // Empty Stack
+ while( $x = array_pop($tagstack) )
+ $newtext .= '</' . $x . '>'; // Add remaining tags to close
+
+ // WP fix for the bug with HTML comments
+ $newtext = str_replace("< !--","<!--",$newtext);
+ $newtext = str_replace("< !--","< !--",$newtext);
+
+ return $newtext;
+}
+
+/**
+ * Acts on text which is about to be edited.
+ *
+ * The $content is run through esc_textarea(), which uses htmlspecialchars()
+ * to convert special characters to HTML entities. If $richedit is set to true,
+ * it is simply a holder for the 'format_to_edit' filter.
+ *
+ * @since 0.71
+ *
+ * @param string $content The text about to be edited.
+ * @param bool $richedit Whether the $content should not pass through htmlspecialchars(). Default false (meaning it will be passed).
+ * @return string The text after the filter (and possibly htmlspecialchars()) has been run.
+ */
+function format_to_edit( $content, $richedit = false ) {
+ /**
+ * Filter the text to be formatted for editing.
+ *
+ * @since 1.2.0
+ *
+ * @param string $content The text, prior to formatting for editing.
+ */
+ $content = apply_filters( 'format_to_edit', $content );
+ if ( ! $richedit )
+ $content = esc_textarea( $content );
+ return $content;
+}
+
+/**
+ * Add leading zeros when necessary.
+ *
+ * If you set the threshold to '4' and the number is '10', then you will get
+ * back '0010'. If you set the threshold to '4' and the number is '5000', then you
+ * will get back '5000'.
+ *
+ * Uses sprintf to append the amount of zeros based on the $threshold parameter
+ * and the size of the number. If the number is large enough, then no zeros will
+ * be appended.
+ *
+ * @since 0.71
+ *
+ * @param int $number Number to append zeros to if not greater than threshold.
+ * @param int $threshold Digit places number needs to be to not have zeros added.
+ * @return string Adds leading zeros to number if needed.
+ */
+function zeroise( $number, $threshold ) {
+ return sprintf( '%0' . $threshold . 's', $number );
+}
+
+/**
+ * Adds backslashes before letters and before a number at the start of a string.
+ *
+ * @since 0.71
+ *
+ * @param string $string Value to which backslashes will be added.
+ * @return string String with backslashes inserted.
+ */
+function backslashit( $string ) {
+ if ( isset( $string[0] ) && $string[0] >= '0' && $string[0] <= '9' )
+ $string = '\\\\' . $string;
+ return addcslashes( $string, 'A..Za..z' );
+}
+
+/**
+ * Appends a trailing slash.
+ *
+ * Will remove trailing forward and backslashes if it exists already before adding
+ * a trailing forward slash. This prevents double slashing a string or path.
+ *
+ * The primary use of this is for paths and thus should be used for paths. It is
+ * not restricted to paths and offers no specific path support.
+ *
+ * @since 1.2.0
+ *
+ * @param string $string What to add the trailing slash to.
+ * @return string String with trailing slash added.
+ */
+function trailingslashit( $string ) {
+ return untrailingslashit( $string ) . '/';
+}
+
+/**
+ * Removes trailing forward slashes and backslashes if they exist.
+ *
+ * The primary use of this is for paths and thus should be used for paths. It is
+ * not restricted to paths and offers no specific path support.
+ *
+ * @since 2.2.0
+ *
+ * @param string $string What to remove the trailing slashes from.
+ * @return string String without the trailing slashes.
+ */
+function untrailingslashit( $string ) {
+ return rtrim( $string, '/\\' );
+}
+
+/**
+ * Adds slashes to escape strings.
+ *
+ * Slashes will first be removed if magic_quotes_gpc is set, see {@link
+ * http://www.php.net/magic_quotes} for more details.
+ *
+ * @since 0.71
+ *
+ * @param string $gpc The string returned from HTTP request data.
+ * @return string Returns a string escaped with slashes.
+ */
+function addslashes_gpc($gpc) {
+ if ( get_magic_quotes_gpc() )
+ $gpc = stripslashes($gpc);
+
+ return wp_slash($gpc);
+}
+
+/**
+ * Navigates through an array and removes slashes from the values.
+ *
+ * If an array is passed, the array_map() function causes a callback to pass the
+ * value back to the function. The slashes from this value will removed.
+ *
+ * @since 2.0.0
+ *
+ * @param mixed $value The value to be stripped.
+ * @return mixed Stripped value.
+ */
+function stripslashes_deep( $value ) {
+ if ( is_array($value) ) {
+ $value = array_map('stripslashes_deep', $value);
+ } elseif ( is_object($value) ) {
+ $vars = get_object_vars( $value );
+ foreach ($vars as $key=>$data) {
+ $value->{$key} = stripslashes_deep( $data );
+ }
+ } elseif ( is_string( $value ) ) {
+ $value = stripslashes($value);
+ }
+
+ return $value;
+}
+
+/**
+ * Navigates through an array and encodes the values to be used in a URL.
+ *
+ *
+ * @since 2.2.0
+ *
+ * @param array|string $value The array or string to be encoded.
+ * @return array|string $value The encoded array (or string from the callback).
+ */
+function urlencode_deep( $value ) {
+ return is_array( $value ) ? array_map( 'urlencode_deep', $value ) : urlencode( $value );
+}
+
+/**
+ * Navigates through an array and raw encodes the values to be used in a URL.
+ *
+ * @since 3.4.0
+ *
+ * @param array|string $value The array or string to be encoded.
+ * @return array|string $value The encoded array (or string from the callback).
+ */
+function rawurlencode_deep( $value ) {
+ return is_array( $value ) ? array_map( 'rawurlencode_deep', $value ) : rawurlencode( $value );
+}
+
+/**
+ * Converts email addresses characters to HTML entities to block spam bots.
+ *
+ * @since 0.71
+ *
+ * @param string $email_address Email address.
+ * @param int $hex_encoding Optional. Set to 1 to enable hex encoding.
+ * @return string Converted email address.
+ */
+function antispambot( $email_address, $hex_encoding = 0 ) {
+ $email_no_spam_address = '';
+ for ( $i = 0, $len = strlen( $email_address ); $i < $len; $i++ ) {
+ $j = rand( 0, 1 + $hex_encoding );
+ if ( $j == 0 ) {
+ $email_no_spam_address .= '&#' . ord( $email_address[$i] ) . ';';
+ } elseif ( $j == 1 ) {
+ $email_no_spam_address .= $email_address[$i];
+ } elseif ( $j == 2 ) {
+ $email_no_spam_address .= '%' . zeroise( dechex( ord( $email_address[$i] ) ), 2 );
+ }
+ }
+
+ return str_replace( '@', '@', $email_no_spam_address );