stripslashes_deep() │ WP 2.0.0

Iterates through an array, object, scalar and removes escaping slashes (\) from string values.

If a multidimensional array is passed, for each array value that is also an array, the array_map() function is used with the stripslashes() filter, and all values of the array at any "depth" will be cleared of \.

It is recommended to use wp_unslash() instead of this function.

Uses: stripslashes_from_strings_only(), map_deep()

Used By: wp_unslash()

No Hooks.

Returns

Mixed. An array with \ removed from its string values.

Usage

$value = stripslashes_deep( $value );

$value(string/array) (required): The array or string to be cleared of escaping slashes \.

Examples

#1 Remove slashes from global arrays

Suppose we need to clear the global arrays $_POST, $_GET, $_COOKIE, or $_REQUEST from slashes while developing our application in the WordPress environment.

For example, we create a contact page in which we use a form to send a message. To get data without slashes sent through this form, we can pass the entire $_POST array through the function:

$_POST = stripslashes_deep( $_POST );

The function will go through all data, even if the array is multidimensional, and remove \ from all array values and sub-arrays.

#2 Good code practice

WordPress adds slashes to $_POST/$_GET/$_REQUEST/$_COOKIE regardless of what get_magic_quotes_gpc() returns. Therefore, in the context of WordPress, you should always remove escaped slashes when using these global variables.

Example:

$my_post = stripslashes_deep( $_POST );
$my_value = $my_post['value'];

Or:

$my_value = stripslashes( $_POST['value'] );

Changelog

Since 2.0.0

Introduced.

`stripslashes_deep() stripslashes deep` code ^{WP 6.9}

wp-includes/formatting.php

function stripslashes_deep( $value ) {
	return map_deep( $value, 'stripslashes_from_strings_only' );
}