wp_strip_all_tags( string $string, bool $remove_breaks = false )

Properly strip all HTML tags including script and style

Description
Parameters
Return
More Information
Source
Related
- Used By
Changelog
User Contributed Notes

Description

This differs from strip_tags() because it removes the contents of the <script> and <style> tags. E.g. strip_tags( '<script>something</script>' ) will return ‘something’. wp_strip_all_tags will return ”

Top ↑

Parameters

$string

(string) (Required) String containing HTML tags

$remove_breaks

(bool) (Optional) Whether to remove left over line breaks and white space chars

Default value: false

Top ↑

Return

(string) The processed string.

Top ↑

More Information

wp_strip_all_tags() is added to the following filters by default (see wp-includes/default-filters.php):

pre_comment_author_url
pre_user_url
pre_link_url
pre_link_image
pre_link_rss
pre_post_guid

It is also applied to these filters by default when on the administration side of the site:

user_url
link_url
link_image
link_rss
comment_url
post_guid

Top ↑

Source

File: wp-includes/formatting.php

function wp_strip_all_tags( $string, $remove_breaks = false ) {
	$string = preg_replace( '@<(script|style)[^>]*?>.*?</\\1>@si', '', $string );
	$string = strip_tags( $string );

	if ( $remove_breaks ) {
		$string = preg_replace( '/[\r\n\t ]+/', ' ', $string );
	}

	return trim( $string );
}

Expand full source code Collapse full source code View on Trac View on GitHub

Top ↑

Used By

Used By
Used By	Description
wp-includes/rest-api/endpoints/class-wp-rest-url-details-controller.php: WP_REST_URL_Details_Controller::prepare_metadata_for_output()	Prepares the metadata by: – stripping all HTML tags and tag entities.
wp-admin/includes/class-wp-application-passwords-list-table.php: WP_Application_Passwords_List_Table::print_js_template_row()	Prints the JavaScript template for the new row item.
wp-includes/rest-api/endpoints/class-wp-rest-block-directory-controller.php: WP_REST_Block_Directory_Controller::prepare_item_for_response()	Parse block metadata for a block, and prepare it for an API repsonse.
wp-includes/comment.php: wp_check_comment_disallowed_list()	Checks if a comment contains disallowed characters or words.
wp-admin/includes/class-plugin-installer-skin.php: Plugin_Installer_Skin::do_overwrite()	Check if the plugin can be overwritten and output the HTML for overwriting a plugin on upload.
wp-admin/includes/class-theme-installer-skin.php: Theme_Installer_Skin::do_overwrite()	Check if the theme can be overwritten and output the HTML for overwriting a theme on upload.
wp-includes/class-wp-recovery-mode-email-service.php: WP_Recovery_Mode_Email_Service::send_recovery_mode_email()	Sends the Recovery Mode email to the site admin email address.
wp-includes/formatting.php: _sanitize_text_fields()	Internal helper function to sanitize a string from user input or from the db
wp-admin/includes/class-wp-screen.php: WP_Screen::render_list_table_columns_preferences()	Render the list table columns preferences.
wp-admin/includes/class-wp-list-table.php: WP_List_Table::single_row_columns()	Generates the columns for a single row of the table.
wp-admin/includes/class-wp-users-list-table.php: WP_Users_List_Table::single_row()	Generate HTML for a single row on the users.php admin panel.
wp-admin/includes/media.php: media_upload_form_handler()	Handles form submissions for the legacy media uploader.
wp-admin/includes/post.php: edit_post()	Updates an existing post with values provided in `$_POST`.
wp-admin/includes/ajax-actions.php: wp_ajax_save_attachment()	Ajax handler for updating attachment attributes.
wp-includes/formatting.php: wp_html_excerpt()	Safely extracts not more than the first $count characters from HTML string.
wp-includes/formatting.php: wp_trim_words()	Trims text to a certain number of words.
wp-includes/formatting.php: sanitize_user()	Sanitizes a username, stripping out unsafe characters.
wp-includes/nav-menu.php: wp_setup_nav_menu_item()	Decorates a menu item object with the shared navigation menu item properties.