Formatting (category)
| absint() | Convert a value to non-negative integer. Analog of |
| add_magic_quotes() | Escape |
| antispambot() | Converts email addresses characters to HTML entities to stop spam-bots from parsing your email. |
| backslashit() | Adds backslashes before letters and before a number at the start of a string. |
| balanceTags() | Balances tags if forced to, or if the 'use_balanceTags' option is set to true. |
| capital_P_dangit() | Forever eliminate "Wordpress" from the planet (or at least the little bit we can influence). |
| convert_smilies() | Convert text equivalent of smilies to images. |
| ent2ncr() | Converts named entities into numbered entities. ’ becomes ’. |
| force_balance_tags() | Balances tags of string using a modified stack. |
| links_add_target() | Adds a Target attribute to all links in passed content. |
| make_clickable() | Convert plaintext URI to HTML links. |
| normalize_whitespace() | Normalize EOL characters and strip duplicate whitespace. |
| number_format_i18n() | Convert float number to format based on the locale. |
| remove_accents() | Converts all accent characters to ASCII characters. |
| set_url_scheme() | Sets the scheme for a URL. |
| shortcode_unautop() | Don't auto-p wrap shortcodes that stand alone |
| size_format() | Convert number of bytes largest unit bytes will fit into. |
| strip_fragment_from_url() | Strips the #fragment from a URL, if one is present. |
| trailingslashit() | Appends a trailing slash. |
| untrailingslashit() | Removes trailing forward slashes and backslashes if they exist. |
| url_shorten() | Shorten a URL, to be used as link text. |
| user_trailingslashit() | Adds or removes a trailing slash in the passed URL. It depends on the permalink structure. |
| utf8_uri_encode() | Encode the Unicode values to be used in the URI. |
| wp_convert_hr_to_bytes() | Converts a shorthand byte value to an integer byte value. |
| wp_html_excerpt() | Safely extracts not more than the first $count characters from HTML string. |
| wp_rel_nofollow() | Adds rel nofollow string to all HTML A elements in content. |
| wp_specialchars_decode() | Converts a number of HTML entities into their special characters. |
| wp_trim_words() | Trims the given text to the specified number of words. |
| wpautop() | Replaces double line-breaks with paragraph elements. |
| wptexturize() | Replaces some characters in specified text into formatted entities. |
| zeroise() | Add leading zeros when necessary. |
Sanitizing, Escaping
| esc_attr() | Escaping for HTML attributes. Converts |
| esc_html() | Escaping for HTML blocks. Converts |
| esc_js() | Escapes string for save use in JavaScript. Escape single quotes, htmlspecialchar |
| esc_textarea() | Escaping text / string for use in html textarea tag. |
| esc_url() | Cleans the URL for use in text, changes the wrong and removes the dangerous characters. |
| esc_url_raw() | Cleans URL for use in database query, redirects, and HTTP requests. Not cleans for a safe display. |
| sanitize_email() | Strips out all characters that are not allowable in an email. |
| sanitize_file_name() | Sanitizes a filename, replacing whitespace with dashes. |
| sanitize_html_class() | Sanitizes an HTML classname to ensure it only contains valid characters. |
| sanitize_option() | Sanitises various option values based on the nature of the option. |
| sanitize_post_field() | Sanitize post field based on context. |
| sanitize_text_field() | Sanitizes the passed string leaving clean text: without HTML tags, line breaks, etc. |
| sanitize_textarea_field() | Sanitizes a multiline string from user input or from the database. |
| sanitize_title() | Sanitize the passed string (title) to use it as a slug (post_name). Or returns a fallback title. |
| sanitize_title_with_dashes() | Sanitizes a title, replacing whitespace and a few other characters with dashes. |
| tag_escape() | Escape an HTML tag name. |
| validate_file() | Validates a file name and path against an allowed set of rules. |
| wp_check_invalid_utf8() | Checks for invalid UTF8 in a string. |
| wp_filter_kses() | Sanitize content with allowed HTML Kses rules. |
| wp_filter_nohtml_kses() | Strips all of the HTML tags in the given content. Receives a slashed string (content). Returns the cleared content. |
| wp_filter_post_kses() | Sanitize content for allowed HTML tags for post content. |
| wp_kses() | Filters content and keeps only allowable HTML tags, their attributes, and attributes values. |
| wp_kses_data() | Sanitize content with allowed HTML Kses rules. |
| wp_strip_all_tags() | Removes all HTML tags from passed content. Script/Style tags removed with their content. |
| wp_targeted_link_rel() | Adds rel noreferrer and noopener to all HTML A elements that have a target. |