You could do something like this:
$input="Name <[email protected]>";
// Break the input into parts
preg_match( '/([^<]+)<([^>]+)>/i', $input, $matches, PREG_UNMATCHED_AS_NULL );
// Clean the name
$name = sanitize_text_field( $matches[ 1 ] );
// Clean the email
$email = sanitize_email( $matches[ 2 ] );
// Bail early if the values are invalid.
if ( !$name || !$email || !is_email( $email ) ) {
die( 'Invalid input' );
}
// Success!
$cleaned_input = "{$name} <{$email}>";
Related Posts:
- Should I sanitize an email address before passing it to the is_email() function?
- Escaping and sanitizing SVGs in metabox textarea
- What is the difference between wp_strip_all_tags and wp_filter_nohtml_kses?
- Reason for Lowercase usernames
- What is the best way to sanitize data?
- Should nonce be sanitized?
- esc_url removes white space. Can I change that to using ‘-‘?
- WP Coding standards – escaping the inescapable?
- Sanitatizing when using the posts_where hook
- Escape hexadecimals/rgba values
- Must I serialize/sanitize/escape array data before using set_transient?
- Echo JavaScript Safely
- wp_kses ignore allowed and allow everything
- Sanitize array callback for the WordPress Settings API
- How to escape $_GET and check if isset?
- What’s a safe / good way to output HTML safely within WordPress templates?
- Do Not Understand → Rule No. 4: Making Data Safe Is About Context [closed]
- Sanitizing output that contains quotes?
- WP_Customize_Manager: How to get control ID
- How to use wp_filter_oembed_result?
- Sanitization html output itself
- Post text sanitization after publishing/editing – changes are not saved
- wp_set_object_terms() without accents
- Escaping data from database (users table) is necessary?
- What is the proper way to sanitize $_POST and $_GET vars?
- Why is sanitize_text_field() selectively trimming data?
- what is a good method to sanitize the whole $_POST array in php?
- How safe / sanitized is wp_insert_posts()?
- How to safely sanitize a textarea which takes full HTML input
- How to properly validate data from $_GET or $_REQUEST using WordPress functions?
- What’s the difference between esc_* functions?
- Sanitizing integer input for update_post_meta
- Which KSES should be used and when?
- Is sanitize_text_field() is enough to save to DB?
- What is the difference between esc_html and wp_filter_nohtml_kses?
- How to escape custom css?
- Escaping quotes from shortcode attributes
- How to allow HTML tags into WP Bakery (formerly Visual Composer) `textfield` parameter
- How to sanitize select box values in post meta?
- Do Cookies Need to be Sanatized Before Being Saved?
- What is the difference between strip_tags and wp_filter_nohtml_kses?
- Should I sanitize custom post meta if it is going to be escaped later?
- Remove tinyMCE from admin and replace with textarea
- wp_sanitize_redirect strips out @ signs (even from parameters) — why?
- I’m confused about URL sanitization in meta boxes
- Coding a plugin on WordPress; when should I sanitize? [duplicate]
- Is default functions like update_post_meta safe to use user inputs?
- How Could I sanitize the receive data from this code
- Who is responsible for data sanitization in WordPress development?
- How to sanitize my cookie name
- Storing HTML in wp_options
- Do We Need to Validate, Sanitize, or Filter Simple Numerical Superglobals (Cookies and Post)?
- What is the proper way to validate and sanitize JSON response from REST API?
- MITM risk of not sanitizing?
- Which escape function to use when escaping an email or plain text?
- Modify automatically generation of slug when term is created
- WordPress Settings API – Sanitize Integer
- What function removes apostrophes when making a slug?
- How to sanitize uploaded file filename from a plugin?
- Is wp_kses the right approach in sanitizing this string?
- Seeking clarity on data sanitization fields for settings textarea
- Prevent invalid or empty values from being saved to the database and retain the form field values upon error
- Is it sensible to worry about sanitizing admin input in plugin custom CSS?
- How to use sanitize_callback?
- Theme Customizier sanitize_callback not working
- Are all hooks/functions tied to Kses meant for sanitization?
- Getting error to display radio button value in General Settings page
- What data sanitzation function should be used to store entire source code of webpage?
- What functions does WordPress use for filtering / sanitizing comments?
- Why the WP Core team does not allow filter_* functions? [closed]
- data-type=”” … needed post tags stripped of characters
- wordpress is adding a second backslash when I use addslashes
- confused about sanitize_email after is_email [duplicate]
- Trouble creating custom sanitization function for user list dropdown
- Invalidate username if it contains @ symbol
- Contact Form Security
- How to allow certain PHP functions when using sanitize_callback in the word press customizer
- Display the line breaks in user bio without using html
- Change user nicename without sanitize
- HTML in category name
- How can I apply custom sanitization to new usernames?
- How do I sanitize the str_replace function in javascript variables
- Sanitizing textarea for wp_insert_post with TinyMCE enabled or disabled
- Safely store code(html/js..) into database
- Do I need to sanitize $_POST[‘keyword’] before send to ‘s’ parameter?
- Can non-latin characters appear in slugs?
- Data Validation & Sanitization for Big HTML Blocks
- Where is the HTML-handler part in the wpdb class?
- I need to get the control choices to sanitize_callback
- Can we validate data from jquery
- Escaping WP_Query tax_query when term has special character(s)
- Trouble creating custom sanitization function when uploading video files
- Custom-Metaboxes-and-Fields text_url field prepending http://
- Data validation for inline javascript
- Sanitize and Save metabox values
- esc_url, esc_url_raw or sanitize_url?
- Does it make sense to sanitize the output of an SVG file?
- Sanitization of register_setting()
- How to sanitize settings API value
- WooCommerce custom SVG coloring tool [closed]