You could do something like this:
$input="Name <[email protected]>";
// Break the input into parts
preg_match( '/([^<]+)<([^>]+)>/i', $input, $matches, PREG_UNMATCHED_AS_NULL );
// Clean the name
$name = sanitize_text_field( $matches[ 1 ] );
// Clean the email
$email = sanitize_email( $matches[ 2 ] );
// Bail early if the values are invalid.
if ( !$name || !$email || !is_email( $email ) ) {
die( 'Invalid input' );
}
// Success!
$cleaned_input = "{$name} <{$email}>";
Related Posts:
- Should I sanitize an email address before passing it to the is_email() function?
- Escaping and sanitizing SVGs in metabox textarea
- What is the difference between wp_strip_all_tags and wp_filter_nohtml_kses?
- Reason for Lowercase usernames
- What is the best way to sanitize data?
- Should nonce be sanitized?
- esc_url removes white space. Can I change that to using ‘-‘?
- WP Coding standards – escaping the inescapable?
- Sanitatizing when using the posts_where hook
- Escape hexadecimals/rgba values
- Must I serialize/sanitize/escape array data before using set_transient?
- Echo JavaScript Safely
- wp_kses ignore allowed and allow everything
- Sanitize array callback for the WordPress Settings API
- How to escape $_GET and check if isset?
- What’s a safe / good way to output HTML safely within WordPress templates?
- Do Not Understand → Rule No. 4: Making Data Safe Is About Context [closed]
- Sanitizing output that contains quotes?
- WP_Customize_Manager: How to get control ID
- How to use wp_filter_oembed_result?
- Sanitization html output itself
- Post text sanitization after publishing/editing – changes are not saved
- wp_set_object_terms() without accents
- Escaping data from database (users table) is necessary?
- what is a good method to sanitize the whole $_POST array in php?
- Data sanitization: Best Practices with code examples
- How safe / sanitized is wp_insert_posts()?
- How to safely sanitize a textarea which takes full HTML input
- How to properly validate data from $_GET or $_REQUEST using WordPress functions?
- is_email() VS sanitize_email()
- Sanitizing integer input for update_post_meta
- What is the difference between esc_html and wp_filter_nohtml_kses?
- How to escape custom css?
- Escaping quotes from shortcode attributes
- Sanitation needed for WP_Query or get_posts calls?
- How to allow HTML tags into WP Bakery (formerly Visual Composer) `textfield` parameter
- Do Cookies Need to be Sanatized Before Being Saved?
- Default WordPress settings API data sanitization
- What is the difference between strip_tags and wp_filter_nohtml_kses?
- Should I sanitize custom post meta if it is going to be escaped later?
- How to display data from custom table in wordpress database?
- Remove tinyMCE from admin and replace with textarea
- wp_sanitize_redirect strips out @ signs (even from parameters) — why?
- array_map() for sanitizing $_POST
- Correct processing of `$_POST`, following WordPress Coding Standards
- why is esc_html() returning nothing given a string containing a high-bit character?
- Is default functions like update_post_meta safe to use user inputs?
- How Could I sanitize the receive data from this code
- Who is responsible for data sanitization in WordPress development?
- Settings API – sanitize_callback is not called and it leads to an incorrect behavior
- How to sanitize my cookie name
- Best Practice for Validating and Sanitizing Data
- Storing HTML in wp_options
- What is the proper way to validate and sanitize JSON response from REST API?
- MITM risk of not sanitizing?
- Which escape function to use when escaping an email or plain text?
- Modify automatically generation of slug when term is created
- WordPress Settings API – Sanitize Integer
- Can i use the same sanitize function on multiple theme mod textboxes?
- What function removes apostrophes when making a slug?
- How to sanitize uploaded file filename from a plugin?
- Is wp_kses the right approach in sanitizing this string?
- Seeking clarity on data sanitization fields for settings textarea
- Customizer: Category Select Sanitize
- Prevent invalid or empty values from being saved to the database and retain the form field values upon error
- Theme Customizier sanitize_callback not working
- Are all hooks/functions tied to Kses meant for sanitization?
- Change wp_sanitize function?
- What data sanitzation function should be used to store entire source code of webpage?
- What functions does WordPress use for filtering / sanitizing comments?
- Why the WP Core team does not allow filter_* functions? [closed]
- data-type=”” … needed post tags stripped of characters
- wordpress is adding a second backslash when I use addslashes
- confused about sanitize_email after is_email [duplicate]
- Trouble creating custom sanitization function for user list dropdown
- Invalidate username if it contains @ symbol
- Contact Form Security
- How to allow certain PHP functions when using sanitize_callback in the word press customizer
- Display the line breaks in user bio without using html
- Change user nicename without sanitize
- HTML in category name
- How can I apply custom sanitization to new usernames?
- How do I sanitize the str_replace function in javascript variables
- Sanitizing textarea for wp_insert_post with TinyMCE enabled or disabled
- Safely store code(html/js..) into database
- Do I need to sanitize $_POST[‘keyword’] before send to ‘s’ parameter?
- Can non-latin characters appear in slugs?
- Data Validation & Sanitization for Big HTML Blocks
- Where is the HTML-handler part in the wpdb class?
- I need to get the control choices to sanitize_callback
- Can we validate data from jquery
- Escaping WP_Query tax_query when term has special character(s)
- Escaping and sanitization
- Trouble creating custom sanitization function when uploading video files
- Custom-Metaboxes-and-Fields text_url field prepending http://
- Sanitizing a custom query’s clauses
- Data validation for inline javascript
- Sanitize and Save metabox values
- esc_url, esc_url_raw or sanitize_url?
- Extend file format support for post thumbnails