WordPress at Your Fingertips

esc_ (clean validate sanitize) (tag)

esc_attr()

Escaping for HTML attributes. Converts <, >, &, ", ' characters to HTML entities. Does not make double escaping.

esc_html()

Escaping for HTML blocks. Converts &lt;, &gt;, &, ", ' characters to HTML entities.

esc_html_e()

Translates specified string and replaces special characters in it with HTML entities. Displays text that can be used in HTML as HTML code.

esc_js()

Escapes string for save use in JavaScript. Escape single quotes, htmlspecialchar " < > &, and fix line endings.

esc_sql()

Escapes data for use in a MySQL query. Protects against SQL injections. May accept an array of strings for processing.

esc_textarea()

Escaping text / string for use in html textarea tag.

esc_url()

Cleans the URL for use in text, changes the wrong and removes the dangerous characters.

esc_url_raw()

Cleans URL for use in database query, redirects, and HTTP requests. Not cleans for a safe display.

tag_escape()

Escape an HTML tag name.

urlencode_deep()

Navigates through an array, object, or scalar, and encodes the values to be used in a URL.

wp_specialchars_decode()

Converts a number of HTML entities into their special characters.

wp_strip_all_tags()

Removes all HTML tags from passed content. Script/Style tags removed with their content.