esc_html( string $text ): string

Escaping for HTML blocks.

Contents

Parameters

$text string Required

Top ↑

Return

string

Top ↑

Source

File: wp-includes/formatting.php. View all references 

function esc_html( $text ) {
	$safe_text = wp_check_invalid_utf8( $text );
	$safe_text = _wp_specialchars( $safe_text, ENT_QUOTES );
	/**
	 * Filters a string cleaned and escaped for output in HTML.
	 *
	 * Text passed to esc_html() is stripped of invalid or special characters
	 * before output.
	 *
	 * @since 2.8.0
	 *
	 * @param string $safe_text The text after it has been escaped.
	 * @param string $text      The text prior to being escaped.
	 */
	return apply_filters( 'esc_html', $safe_text, $text );
}

View on Trac View on GitHub

Top ↑

Hooks

Top ↑

Top ↑

Used By

Used By
Used By Description
wp_required_field_indicator() wp-includes/general-template.php

Assigns a visual indicator for required form fields.
WP_List_Table::get_views_links() wp-admin/includes/class-wp-list-table.php

Generates views links.
WP_Theme_JSON::remove_insecure_settings() wp-includes/class-wp-theme-json.php

Processes a setting node and returns the same node without the insecure settings.
WP_Theme_JSON::is_safe_css_declaration() wp-includes/class-wp-theme-json.php

Checks that a declaration provided by the user is safe.
WP_Image_Editor_Imagick::write_image() wp-includes/class-wp-image-editor-imagick.php

Writes an image to a file or stream.
WP_Application_Passwords_List_Table::column_name() wp-admin/includes/class-wp-application-passwords-list-table.php

Handles the name column output.
WP_Comments_List_Table::comment_type_dropdown() wp-admin/includes/class-wp-comments-list-table.php

Displays a comment type drop-down for filtering on the Comments list table.
Plugin_Installer_Skin::do_overwrite() wp-admin/includes/class-plugin-installer-skin.php

Check if the plugin can be overwritten and output the HTML for overwriting a plugin on upload.
Theme_Installer_Skin::do_overwrite() wp-admin/includes/class-theme-installer-skin.php

Check if the theme can be overwritten and output the HTML for overwriting a theme on upload.
wp_credits_section_title() wp-admin/includes/credits.php

Displays the title for a given group of contributors.
wp_credits_section_list() wp-admin/includes/credits.php

Displays a list of contributors for a given group.
verify_file_signature() wp-admin/includes/file.php

Verifies the contents of a file against its ED25519 signature.
WP_Posts_List_Table::formats_dropdown() wp-admin/includes/class-wp-posts-list-table.php

Displays a formats drop-down for filtering items.
WP_Site_Health_Auto_Updates::test_constants() wp-admin/includes/class-wp-site-health-auto-updates.php

Tests if auto-updates related constants are set correctly.
register_and_do_post_meta_boxes() wp-admin/includes/meta-boxes.php

Registers the default post meta boxes, and runs the do_meta_boxes actions.
wp_comments_personal_data_exporter() wp-includes/comment.php

Finds and exports personal data associated with an email address from the comments table.
wp_comments_personal_data_eraser() wp-includes/comment.php

Erases personal data associated with an email address from the comments table.
get_the_privacy_policy_link() wp-includes/link-template.php

Returns the privacy policy link with formatting, when applicable.
WP_Privacy_Policy_Content::privacy_policy_guide() wp-admin/includes/class-wp-privacy-policy-content.php

Output the privacy policy guide together with content from the theme and plugins.
wp_privacy_generate_personal_data_export_group_html() wp-admin/includes/privacy-tools.php

Generate a single group for the personal data export report.
wp_privacy_generate_personal_data_export_file() wp-admin/includes/privacy-tools.php

Generate the personal data export file.
WP_Privacy_Requests_Table::column_status() wp-admin/includes/class-wp-privacy-requests-table.php

Status column.
wp_ajax_wp_privacy_export_personal_data() wp-admin/includes/ajax-actions.php

Ajax handler for exporting a user’s personal data.
wp_ajax_wp_privacy_erase_personal_data() wp-admin/includes/ajax-actions.php

Ajax handler for erasing personal data.
WP_Widget_Media_Gallery::render_control_template_scripts() wp-includes/widgets/class-wp-widget-media-gallery.php

Render form template scripts.
WP_Customize_Themes_Section::filter_drawer_content_template() wp-includes/customize/class-wp-customize-themes-section.php

Render the filter drawer portion of a themes section as a JS template.
wp_print_plugin_file_tree() wp-admin/includes/misc.php

Outputs the formatted file list for the plugin file editor.
wp_print_theme_file_tree() wp-admin/includes/misc.php

Outputs the formatted file list for the theme file editor.
WP_Widget_Media::render_control_template_scripts() wp-includes/widgets/class-wp-widget-media.php

Render form template scripts.
WP_Customize_Nav_Menus::print_post_type_container() wp-includes/class-wp-customize-nav-menus.php

Prints the markup for new menu items.
WP_Ajax_Upgrader_Skin::get_error_messages() wp-admin/includes/class-wp-ajax-upgrader-skin.php

Retrieves a string for error messages.
network_edit_site_nav() wp-admin/includes/ms.php

Outputs the HTML for a network’s “Edit Site” tabular interface.
wp_ajax_delete_plugin() wp-admin/includes/ajax-actions.php

Ajax handler for deleting a plugin.
wp_ajax_install_theme() wp-admin/includes/ajax-actions.php

Ajax handler for installing a theme.
wp_ajax_update_theme() wp-admin/includes/ajax-actions.php

Ajax handler for updating a theme.
wp_ajax_delete_theme() wp-admin/includes/ajax-actions.php

Ajax handler for deleting a theme.
wp_ajax_install_plugin() wp-admin/includes/ajax-actions.php

Ajax handler for installing a plugin.
the_embed_site_title() wp-includes/embed.php

Prints the necessary markup for the site title in an embed template.
WP_Customize_Widgets::start_dynamic_sidebar() wp-includes/class-wp-customize-widgets.php

Begins keeping track of the current sidebar being rendered.
WP_Customize_Widgets::end_dynamic_sidebar() wp-includes/class-wp-customize-widgets.php

Finishes keeping track of the current sidebar being rendered.
_oembed_create_xml() wp-includes/embed.php

Creates an XML string from a given array.
WP_Customize_Nav_Menu_Location_Control::render_content() wp-includes/customize/class-wp-customize-nav-menu-location-control.php

Render content just like a normal select control.
WP_Customize_Nav_Menu_Setting::sanitize() wp-includes/customize/class-wp-customize-nav-menu-setting.php

Sanitize an input.
WP_Customize_Nav_Menus::available_items_template() wp-includes/class-wp-customize-nav-menus.php

Prints the HTML template used to render the add-menu-item frame.
WP_Customize_Nav_Menus::enqueue_scripts() wp-includes/class-wp-customize-nav-menus.php

Enqueues scripts and styles for Customizer pane.
WP_Customize_New_Menu_Section::render() wp-includes/customize/class-wp-customize-new-menu-section.php

Render the section, and the controls that have been added to it.
WP_Posts_List_Table::column_title() wp-admin/includes/class-wp-posts-list-table.php

Handles the title column output.
WP_Posts_List_Table::column_default() wp-admin/includes/class-wp-posts-list-table.php

Handles the default column output.
WP_Comments_List_Table::handle_row_actions() wp-admin/includes/class-wp-comments-list-table.php

Generates and displays row actions links.
WP_Media_List_Table::column_default() wp-admin/includes/class-wp-media-list-table.php

Handles output for the default column.
WP_Media_List_Table::column_title() wp-admin/includes/class-wp-media-list-table.php

Handles the title column output.
the_meta() wp-includes/post-template.php

Displays a list of post custom fields.
wp_ajax_update_plugin() wp-admin/includes/ajax-actions.php

Ajax handler for updating a plugin.
WP_Customize_Manager::render_control_templates() wp-includes/class-wp-customize-manager.php

Renders JS templates for all registered control types.
_navigation_markup() wp-includes/link-template.php

Wraps passed links in navigational markup.
WP_Date_Query::validate_date_values() wp-includes/class-wp-date-query.php

Validates the given date_query values and triggers errors if something is not valid.
WP_Customize_Section::json() wp-includes/class-wp-customize-section.php

Gather the parameters passed to client JavaScript via JSON.
wp_dropdown_languages() wp-includes/l10n.php

Displays or returns a Language selector.
wp_ajax_parse_embed() wp-admin/includes/ajax-actions.php

Apply [embed] Ajax handlers to a string.
wp_install_language_form() wp-admin/includes/translation-install.php

Output the select form for the language selection on the installation screen.
signup_user() wp-signup.php

Shows a form for a visitor to sign up for a new user account.
show_blog_form() wp-signup.php

Generates and displays the Sign-up and Create Site forms.
WP_Upgrader::fs_connect() wp-admin/includes/class-wp-upgrader.php

Connect to the filesystem.
WP_Screen::render_screen_meta() wp-admin/includes/class-wp-screen.php

Renders the screen’s help section.
WP_Plugins_List_Table::no_items() wp-admin/includes/class-wp-plugins-list-table.php
wp_dropdown_cats() wp-admin/includes/deprecated.php

Legacy function used for generating a categories drop-down control.
install_themes_dashboard() wp-admin/includes/theme-install.php

Displays tags filter for themes.
Bulk_Upgrader_Skin::error() wp-admin/includes/class-bulk-upgrader-skin.php
WP_Upgrader_Skin::error() wp-admin/includes/class-wp-upgrader-skin.php
mu_dropdown_languages() wp-admin/includes/ms.php

Generates and displays a drop-down of available languages.
new_user_email_admin_notice() wp-includes/user.php

Adds an admin notice alerting the user to check for confirmation request email after email address change.
wp_image_editor() wp-admin/includes/image-edit.php

Loads the WP image-editing interface.
admin_color_scheme_picker() wp-admin/includes/misc.php

Displays the default admin color scheme picker (Used in user-edit.php).
install_plugin_information() wp-admin/includes/plugin-install.php

Displays plugin information in dialog box form.
wp_dashboard_plugins_output() wp-admin/includes/deprecated.php

Display plugins text for the WordPress news widget.
wp_dashboard_browser_nag() wp-admin/includes/dashboard.php

Displays the browser update nag.
wp_dashboard_recent_drafts() wp-admin/includes/dashboard.php

Show recent drafts of the user on the dashboard.
_wp_dashboard_recent_comments_row() wp-admin/includes/dashboard.php

Outputs a row for the Recent Comments widget.
WP_Plugin_Install_List_Table::display_rows() wp-admin/includes/class-wp-plugin-install-list-table.php
Walker_Category_Checklist::start_el() wp-admin/includes/class-walker-category-checklist.php

Start the element output.
_draft_or_post_title() wp-admin/includes/template.php

Gets the post title.
get_inline_data() wp-admin/includes/template.php

Adds hidden fields with the data for use in the inline editor for posts and pages.
meta_form() wp-admin/includes/template.php

Prints the form in the Custom Fields meta box.
page_template_dropdown() wp-admin/includes/template.php

Prints out option HTML elements for the page templates drop-down.
parent_dropdown() wp-admin/includes/template.php

Prints out option HTML elements for the page parents drop-down.
do_accordion_sections() wp-admin/includes/template.php

Meta Box Accordion Template Function.
wp_popular_terms_checklist() wp-admin/includes/template.php

Retrieves a list of the most popular terms from the specified taxonomy.
wp_link_category_checklist() wp-admin/includes/template.php

Outputs a link category checklist element.
WP_Users_List_Table::single_row() wp-admin/includes/class-wp-users-list-table.php

Generate HTML for a single row on the users.php admin panel.
media_upload_type_form() wp-admin/includes/media.php

Outputs the legacy media upload form for a given media type.
media_upload_library_form() wp-admin/includes/media.php

Outputs the legacy media upload form for the media library.
attachment_submitbox_metadata() wp-admin/includes/media.php

Displays non-editable attachment metadata in the publish meta box.
get_media_item() wp-admin/includes/media.php

Retrieves HTML form for modifying the image attachment.
media_upload_form() wp-admin/includes/media.php

Outputs the legacy media upload form.
wp_media_upload_handler() wp-admin/includes/media.php

Handles the process of uploading media.
get_sample_permalink_html() wp-admin/includes/post.php

Returns the HTML of the sample permalink slug editor.
_wp_post_thumbnail_html() wp-admin/includes/post.php

Returns HTML for the post thumbnail meta box.
_admin_notice_post_locked() wp-admin/includes/post.php

Outputs the HTML for the notice to say that someone else is editing or has taken over editing of this post.
get_default_post_to_edit() wp-admin/includes/post.php

Returns default post information to use when populating the “Write Post” form.
wp_ajax_upload_attachment() wp-admin/includes/ajax-actions.php

Ajax handler for uploading attachments
wp_ajax_wp_fullscreen_save_post() wp-admin/includes/ajax-actions.php

Ajax handler for saving posts from the fullscreen editor.
wp_ajax_inline_save() wp-admin/includes/ajax-actions.php

Ajax handler for Quick Edit saving a post from a list table.
wp_ajax_find_posts() wp-admin/includes/ajax-actions.php

Ajax handler for querying posts for the Find Posts modal.
wp_ajax_add_link_category() wp-admin/includes/ajax-actions.php

Ajax handler for adding a link category.
wp_get_revision_ui_diff() wp-admin/includes/revision.php

Get the revision UI diff.
post_trackback_meta_box() wp-admin/includes/meta-boxes.php

Displays trackback links form fields.
page_attributes_meta_box() wp-admin/includes/meta-boxes.php

Displays page attributes form fields.
post_submit_meta_box() wp-admin/includes/meta-boxes.php

Displays post submit form fields.
post_format_meta_box() wp-admin/includes/meta-boxes.php

Displays post format form elements.
post_categories_meta_box() wp-admin/includes/meta-boxes.php

Displays post categories form fields.
edit_link() wp-admin/includes/bookmark.php

Updates or inserts a link using values provided in $_POST.
WP_Comments_List_Table::column_author() wp-admin/includes/class-wp-comments-list-table.php
WP_Comments_List_Table::column_response() wp-admin/includes/class-wp-comments-list-table.php
WP_Comments_List_Table::column_comment() wp-admin/includes/class-wp-comments-list-table.php
Walker_Nav_Menu_Edit::start_el() wp-admin/includes/class-walker-nav-menu-edit.php

Start the element output.
Walker_Nav_Menu_Checklist::start_el() wp-admin/includes/class-walker-nav-menu-checklist.php

Start the element output.
wp_nav_menu_item_taxonomy_meta_box() wp-admin/includes/nav-menu.php

Displays a meta box for a taxonomy menu item.
request_filesystem_credentials() wp-admin/includes/file.php

Displays a form to the user to request for their FTP/SSH details in order to connect to the filesystem.
WP_Posts_List_Table::inline_edit() wp-admin/includes/class-wp-posts-list-table.php

Outputs the hidden row displayed when inline editing
wp_list_widget_controls() wp-admin/includes/widgets.php

Show the widgets and their settings for a sidebar.
wp_widget_control() wp-admin/includes/widgets.php

Meta widget used to display the control form for a widget.
_wp_credits_add_profile_link() wp-admin/includes/credits.php

Retrieve the link to a contributor’s WordPress.org profile page.
_wp_credits_build_object_link() wp-admin/includes/credits.php

Retrieve the link to an external library used in WordPress.
Custom_Image_Header::step_1() wp-admin/includes/class-custom-image-header.php

Display first step of custom header image page.
WP_Object_Cache::stats() wp-includes/class-wp-object-cache.php

Echoes the stats of the caching.
wp_generate_tag_cloud() wp-includes/category-template.php

Generates a tag cloud (heatmap) from provided data.
esc_html__() wp-includes/l10n.php

Retrieves the translation of $text and escapes it for safe use in HTML output.
esc_html_e() wp-includes/l10n.php

Displays translated text that has been escaped for safe use in HTML output.
esc_html_x() wp-includes/l10n.php

Translates string with gettext context, and escapes it for safe use in HTML output.
sanitize_option() wp-includes/formatting.php

Sanitizes various option values based on the nature of the option.
wp_pre_kses_less_than_callback() wp-includes/formatting.php

Callback function used by preg_replace.
wp_login_form() wp-includes/general-template.php

Provides a simple login form for use anywhere within WordPress.
wp_specialchars() wp-includes/deprecated.php

Legacy escaping for HTML blocks.
the_content_rss() wp-includes/deprecated.php

Display the post content for the feed.
WP_Theme::markup_header() wp-includes/class-wp-theme.php

Marks up a theme header.
WP_Theme::__construct() wp-includes/class-wp-theme.php

Constructor for WP_Theme.
wp_timezone_choice() wp-includes/functions.php

Gives a nicely-formatted list of timezone strings.
wp_nonce_url() wp-includes/functions.php

Retrieves URL with nonce added to URL query.
wp_upload_dir() wp-includes/functions.php

Returns an array containing the current upload directory’s path and URL.
WP_Nav_Menu_Widget::form() wp-includes/widgets/class-wp-nav-menu-widget.php

Outputs the settings form for the Navigation Menu widget.
WP_Widget_Tag_Cloud::form() wp-includes/widgets/class-wp-widget-tag-cloud.php

Outputs the Tag Cloud widget settings form.
WP_Widget_RSS::widget() wp-includes/widgets/class-wp-widget-rss.php

Outputs the content for the current RSS widget instance.
WP_Widget_Archives::widget() wp-includes/widgets/class-wp-widget-archives.php

Outputs the content for the current Archives widget instance.
WP_Widget_Links::form() wp-includes/widgets/class-wp-widget-links.php

Outputs the settings form for the Links widget.
wp_widget_rss_output() wp-includes/widgets.php

Display the RSS entries in a list.
wp_widget_rss_form() wp-includes/widgets.php

Display RSS widget options form.
WP_Embed::maybe_make_link() wp-includes/class-wp-embed.php

Conditionally makes a hyperlink based on an internal class variable.
sanitize_term_field() wp-includes/taxonomy.php

Sanitizes the field value in the term based on the context.
wp_version_check() wp-includes/update.php

Checks WordPress version against the newest version.
WP_oEmbed::data2html() wp-includes/class-wp-oembed.php

Converts a data object from WP_oEmbed::fetch() and returns the HTML.
wp_admin_bar_site_menu() wp-includes/admin-bar.php

Adds the “Site Name” menu.
wp_protect_special_option() wp-includes/option.php

Protects WordPress special option from being modified.
wp_dropdown_users() wp-includes/user.php

Creates dropdown HTML content of users.
sanitize_user_field() wp-includes/user.php

Sanitizes user field based on context.
Walker_PageDropdown::start_el() wp-includes/class-walker-page-dropdown.php

Starts the element output.
wp_get_attachment_link() wp-includes/post-template.php

Retrieves an attachment page link using an image or icon, if possible.
wp_video_shortcode() wp-includes/media.php

Builds the Video shortcode output.
wp_audio_shortcode() wp-includes/media.php

Builds the Audio shortcode output.
wpmu_welcome_user_notification() wp-includes/ms-functions.php

Notifies a user that their account activation has been successful.
wpmu_welcome_notification() wp-includes/ms-functions.php

Notifies the site administrator that their site activation was successful.
wpmu_signup_blog_notification() wp-includes/ms-functions.php

Sends a confirmation request email to a user when they sign up for a new site. The new site will not become active until the confirmation link is clicked.
wpmu_signup_user_notification() wp-includes/ms-functions.php

Sends a confirmation request email to a user when they sign up for a new user account (without signing up for a site at the same time). The user account will not become active until the confirmation link is clicked.
sanitize_bookmark_field() wp-includes/bookmark.php

Sanitizes a bookmark field.
wpmu_admin_do_redirect() wp-includes/ms-deprecated.php

Redirect a user based on $_GET or $_POST arguments.
wp_update_nav_menu_object() wp-includes/nav-menu.php

Saves the properties of a menu or create a new menu with those properties.
wp_rss() wp-includes/rss.php

Display all RSS items in a HTML ordered list.
get_rss() wp-includes/rss.php

Display RSS items in HTML list items.
wp_xmlrpc_server::pingback_ping() wp-includes/class-wp-xmlrpc-server.php

Retrieves a pingback and registers it.
wp_xmlrpc_server::mw_getCategories() wp-includes/class-wp-xmlrpc-server.php

Retrieves the list of categories on a given blog.
wp_xmlrpc_server::wp_getTags() wp-includes/class-wp-xmlrpc-server.php

Gets the list of all tags.
WP_Customize_Control::render_content() wp-includes/class-wp-customize-control.php

Render the control’s content.
wp_widget_description() wp-includes/widgets.php

Retrieve description for widget.
get_cancel_comment_reply_link() wp-includes/comment-template.php

Retrieves HTML content for cancel comment reply link.
get_comment_author_email_link() wp-includes/comment-template.php

Returns the HTML email link to the author of the current comment.
comment_author_IP() wp-includes/comment-template.php

Displays the IP address of the author of the current comment.
WP_Customize_Widgets::output_widget_control_templates() wp-includes/class-wp-customize-widgets.php

Renders the widget form control templates into the DOM.
_WP_Editors::wp_link_query() wp-includes/class-wp-editor.php

Performs post queries for internal linking.
wp_print_media_templates() wp-includes/media-template.php

Prints the templates used in the media manager.
Show 173 more used by Hide more used by

Top ↑

Changelog

Changelog
Version Description
2.8.0 Introduced.

Top ↑

User Contributed Notes

  1. Skip to note 1 content
    You must log in to vote on the helpfulness of this noteVote results for this note: 12You must log in to vote on the helpfulness of this note
    Contributed by Codex

    Examples

    $html = esc_html( '<a href="http://www.example.com/">A link</a>' );

    $html now contains this:

    &lt;a href=&quot;http://www.example.com/&quot;&gt;A link&lt;/a&gt;

    which would be displayed in an HTML document as:

    <a href="http://www.example.com/">A link</a>

    Instead of like this:

    A link

You must log in before being able to contribute a note or feedback.