Sanitizing, Escaping (category)
esc_attr() | Escaping for HTML attributes. Converts |
esc_html() | Escaping for HTML blocks. Converts |
esc_js() | Escapes string for save use in JavaScript. Escape single quotes, htmlspecialchar |
esc_textarea() | Escaping text / string for use in html textarea tag. |
esc_url() | Cleans the URL for use in text, changes the wrong and removes the dangerous characters. |
esc_url_raw() | Cleans URL for use in database query, redirects, and HTTP requests. Not cleans for a safe display. |
sanitize_email() | Strips out all characters that are not allowable in an email. |
sanitize_file_name() | Sanitizes a filename, replacing whitespace with dashes. |
sanitize_html_class() | Sanitizes an HTML classname to ensure it only contains valid characters. |
sanitize_option() | Sanitises various option values based on the nature of the option. |
sanitize_post_field() | Sanitize post field based on context. |
sanitize_text_field() | Sanitizes the passed string leaving clean text: without HTML tags, line breaks, etc. |
sanitize_textarea_field() | Sanitizes a multiline string from user input or from the database. |
sanitize_title() | Sanitize the passed string (title) to use it as a slug (post_name). Or returns a fallback title. |
sanitize_title_with_dashes() | Sanitizes a title, replacing whitespace and a few other characters with dashes. |
tag_escape() | Escape an HTML tag name. |
validate_file() | Validates a file name and path against an allowed set of rules. |
wp_check_invalid_utf8() | Checks for invalid UTF8 in a string. |
wp_filter_kses() | Sanitize content with allowed HTML Kses rules. |
wp_filter_nohtml_kses() | Strips all of the HTML tags in the given content. Receives a slashed string (content). Returns the cleared content. |
wp_filter_post_kses() | Sanitize content for allowed HTML tags for post content. |
wp_kses() | Filters content and keeps only allowable HTML tags, their attributes, and attributes values. |
wp_kses_data() | Sanitize content with allowed HTML Kses rules. |
wp_strip_all_tags() | Removes all HTML tags from passed content. Script/Style tags removed with their content. |
wp_targeted_link_rel() | Adds rel noreferrer and noopener to all HTML A elements that have a target. |