Simplify sanitize_key() and use it in more places. see #14910

git-svn-id: https://develop.svn.wordpress.org/trunk@15635 602fd350-edb4-49c9-b593-d223f7449a82

wp-includes/formatting.php

@@ -763,10 +763,6 @@ function sanitize_user( $username, $strict = false ) {
  */
 function sanitize_key( $key ) {
 	$raw_key = $key;
-	$key = wp_strip_all_tags($key);
-	// Kill octets
-	$key = preg_replace('|%([a-fA-F0-9][a-fA-F0-9])|', '', $key);
-	$key = preg_replace('/&.+?;/', '', $key); // Kill entities
 
 	$key = preg_replace('|[^a-z0-9 _.\-@]|i', '', $key);
 

wp-includes/post.php

@@ -571,7 +571,7 @@ function register_post_status($post_status, $args = array()) {
 	$args = wp_parse_args($args, $defaults);
 	$args = (object) $args;
 
-	$post_status = sanitize_user($post_status, true);
+	$post_status = sanitize_key($post_status);
 	$args->name = $post_status;
 
 	if ( null === $args->public && null === $args->internal && null === $args->protected && null === $args->private )
@@ -819,7 +819,7 @@ function register_post_type($post_type, $args = array()) {
 	$args = wp_parse_args($args, $defaults);
 	$args = (object) $args;
 
-	$post_type = sanitize_user($post_type, true);
+	$post_type = sanitize_key($post_type);
 	$args->name = $post_type;
 
 	// If not set, default to the setting for public.

wp-includes/query.php

@@ -1456,9 +1456,9 @@ class WP_Query {
 
 		if ( !empty($qv['post_type']) ) {
 			if ( is_array($qv['post_type']) )
-				$qv['post_type'] = array_map('sanitize_user', $qv['post_type'], array(true));
+				$qv['post_type'] = array_map('sanitize_key', $qv['post_type']);
 			else
-				$qv['post_type'] = sanitize_user($qv['post_type'], true);
+				$qv['post_type'] = sanitize_key($qv['post_type']);
 		}
 
 		if ( !empty($qv['post_status']) )