sanitize_html_class() WP 1.0
Sanitizes an HTML classname to ensure it only contains valid characters.
Strips the string down to A-Z,a-z,0-9,_,-. If this results in an empty string then it will return the alternative value supplied.
1 time — 0.000024 sec (very fast) | 50000 times — 0.08 sec (speed of light) | PHP 7.1.2, WP 4.7.3
Hooks from the function
Return
String. The sanitized value
Usage
sanitize_html_class( $class, $fallback );
- $class(string) (required)
- The classname to be sanitized
- $fallback(string)
- The value to return if the sanitization ends up as an empty string.
Default: an empty string
Changelog
| Since 2.8.0 | Introduced. |
Code of sanitize_html_class() sanitize html class WP 5.7.1
function sanitize_html_class( $class, $fallback = '' ) {
// Strip out any %-encoded octets.
$sanitized = preg_replace( '|%[a-fA-F0-9][a-fA-F0-9]|', '', $class );
// Limit to A-Z, a-z, 0-9, '_', '-'.
$sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $sanitized );
if ( '' === $sanitized && $fallback ) {
return sanitize_html_class( $fallback );
}
/**
* Filters a sanitized HTML class string.
*
* @since 2.8.0
*
* @param string $sanitized The sanitized HTML class.
* @param string $class HTML class before sanitization.
* @param string $fallback The fallback string.
*/
return apply_filters( 'sanitize_html_class', $sanitized, $class, $fallback );
}