Formatting (category)
| absint() | Convert a value to non-negative integer. Analog of |
| add_magic_quotes() | Escape |
| antispambot() | Converts email addresses characters to HTML entities to stop spam-bots from parsing your email. |
| backslashit() | Adds a backslash (\) before letters and before digits at the beginning of the string. |
| balanceTags() | Fixes incorrectly-entered XHTML (HTML) tags. |
| capital_P_dangit() | Replaces the incorrectly written letter "p" in the middle of the word WordPress (it should be written with a capital P in the middle). |
| convert_smilies() | Replaces textual smilies in the text with the corresponding smilie images. |
| ent2ncr() | Converts named entities into numbered entities. ’ becomes ’. |
| force_balance_tags() | Corrects malformed XHTML/HTML tags in text: unclosed, out-of-order, incorrect syntax ( |
| links_add_target() | Adds the target attribute with the specified value to all links (A tags) in the given text. |
| make_clickable() | Converts non-clickable links in the text - |
| normalize_whitespace() | Standardizes (unifies) line break characters (EOL) in the provided string: converts all breaks to a single form |
| number_format_i18n() | Converts a number (integer or decimal) into a format suitable for the current locale (site language). |
| remove_accents() | Replaces all non-standard characters in the text with a single ASCII standard. |
| set_url_scheme() | Sets the current site protocol for the specified URL (link). If relative is specified in $scheme, it will return a relative URL. |
| shortcode_unautop() | Removes the enclosing tag <p>...</p>, if it contains only a shortcode. |
| size_format() | Converts bytes to a human-readable format: 500 B, 63 KB, 9 MB, 2 GB, 1 TB. |
| strip_fragment_from_url() | Removes the fragment (anchor, hash, #fragment) from the URL. The URL must be passed with the protocol. |
| trailingslashit() | Adds a slash / at the end of the string. |
| untrailingslashit() | Removes the trailing slash (/) at the end of a string (URL). |
| url_shorten() | Shortens the given URL. |
| user_trailingslashit() | Adds or removes a trailing slash in the passed URL. It depends on the permalink structure. |
| utf8_uri_encode() | Encodes characters so that a string can be used in a URI. |
| wp_convert_hr_to_bytes() | Converts a shortened byte value to an integer byte value. For example, the string |
| wp_html_excerpt() | Safely extracts the specified number of characters from the specified HTML string. |
| wp_rel_nofollow() | Adds rel="nofollow" to all <a> elements in the passed text. Internal links are skipped. |
| wp_specialchars_decode() | Converts (decodes) HTML entities to their HTML characters. Changes only: |
| wp_trim_words() | Trims the given text to the specified number of words. |
| wpautop() | Replaces double line breaks with the HTML construct <p>...</p>, and single line breaks with <br>. |
| wptexturize() | Replaces some characters in specified text into formatted entities. |
| zeroise() | Add leading zeros when necessary. |
Sanitizing, Escaping
| esc_attr() | Escaping for HTML attributes. Converts |
| esc_html() | Escaping for HTML blocks. Converts |
| esc_js() | Escapes string for save use in JavaScript. Escape single quotes, htmlspecialchar |
| esc_textarea() | Escaping text / string for use in html textarea tag. |
| esc_url() | Cleans a URL for use in text, fixes incorrect and removes unsafe characters. |
| esc_url_raw() | Cleans URL for use in database query, redirects, and HTTP requests. Not cleans for a safe display. |
| safecss_filter_attr() | Cleans CSS properties by removing unsafe and disallowed rules. |
| sanitize_email() | Cleans a string, leaving only characters allowed in an email address. |
| sanitize_file_name() | Sanitizes a file name, replacing spaces with '_' and removing invalid characters, etc. |
| sanitize_html_class() | Prepares text for use in the HTML class attribute: removes all unsuitable characters. |
| sanitize_option() | Sanitizes the given option value using the specified sanitization method. |
| sanitize_post_field() | Sanitizes the specified value of the specified post field. The sanitization level is specified by the $context parameter. |
| sanitize_text_field() | Sanitizes the passed string leaving clean text: without HTML tags, line breaks, etc. |
| sanitize_textarea_field() | Cleans a string passed from a textarea field (when saving to the database) or when retrieved from the database. |
| sanitize_title() | Cleans the given string (title) for use as a slug. |
| sanitize_title_with_dashes() | Cleans the title by replacing spaces with a hyphen |
| tag_escape() | Cleans an HTML tag name. Removes all characters except |
| validate_file() | Checks the given string to see if it is a valid file path (file name). If the check passes, it returns 0; if not, it returns: 1, 2, or 3. |
| wp_check_invalid_utf8() | Checks for the presence of invalid UTF8 characters in a string. |
| wp_filter_kses() | Cleans text, leaving only allowed HTML tags. Expects escaped data. |
| wp_filter_nohtml_kses() | Strips all of the HTML tags in the given content. Receives a slashed string (content). Returns the cleared content. |
| wp_filter_post_kses() | Cleans the content, leaving only allowed HTML tags and adds escaping slashes. |
| wp_kses() | Filters content and keeps only allowable HTML tags, their attributes, and attributes values. |
| wp_kses_data() | Cleans text, leaving only allowed HTML tags and their attributes. Expects unslashed text. |
| wp_strip_all_tags() | Removes all HTML tags from passed content. Script/Style tags removed with their content. |
| wp_targeted_link_rel() | Adds rel noopener to all <a target="..."> tags with the target attribute in the provided text. |