WordPress at a glance
Главная Functions Formatting Sanitizing, Escaping

Category: Sanitizing, Escaping 23

esc_attr()

Escaping for HTML attributes. Converts <, >, &, ", ' characters to HTML entities. Does not make double escaping.

esc_html()

Escaping for HTML blocks. Converts &lt;, &gt;, &, ", ' characters to HTML entities.

esc_js()

Escape single quotes, htmlspecialchar &quot; &lt; &gt; &amp;, and fix line endings.

esc_textarea()

Escaping for textarea values.

esc_url()

Checks and cleans a URL.

esc_url_raw()

Performs esc_url() for database usage.

sanitize_email()

Strips out all characters that are not allowable in an email.

sanitize_file_name()

Sanitizes a filename, replacing whitespace with dashes.

sanitize_html_class()

Sanitizes an HTML classname to ensure it only contains valid characters.

sanitize_option()

Sanitises various option values based on the nature of the option.

sanitize_post_field()

Sanitize post field based on context.

sanitize_text_field()

Sanitizes a string from user input or from the database.

sanitize_textarea_field()

Sanitizes a multiline string from user input or from the database.

sanitize_title()

Sanitizes a title, or returns a fallback title.

sanitize_title_with_dashes()

Sanitizes a title, replacing whitespace and a few other characters with dashes.

tag_escape()

Escape an HTML tag name.

validate_file()

Validates a file name and path against an allowed set of rules.

wp_filter_kses()

Sanitize content with allowed HTML Kses rules.

wp_filter_nohtml_kses()

Strips all of the HTML tags in the given content. Receives a slashed string (content). Returns the cleared content.

wp_filter_post_kses()

Sanitize content for allowed HTML tags for post content.

wp_kses()

Filters content and keeps only allowable HTML elements.

wp_kses_data()

Sanitize content with allowed HTML Kses rules.

wp_strip_all_tags()

Properly strip all HTML tags including script and style