wp_strip_all_tags( string $text, bool $remove_breaks = false ): string

Properly strips all HTML tags including script and style

Description
Parameters
Return
More Information
Source
Related
- Uses
- Used By
Changelog
User Contributed Notes

Description

This differs from strip_tags() because it removes the contents of the <script> and <style> tags. E.g. strip_tags( '<script>something</script>' ) will return ‘something’. wp_strip_all_tags will return ”

Top ↑

Parameters

$text string Required: String containing HTML tags
$remove_breaks bool Optional: Whether to remove left over line breaks and white space chars

Default: false

Top ↑

Return

string The processed string.

Top ↑

More Information

wp_strip_all_tags() is added to the following filters by default (see wp-includes/default-filters.php):

pre_comment_author_url
pre_user_url
pre_link_url
pre_link_image
pre_link_rss
pre_post_guid

It is also applied to these filters by default when on the administration side of the site:

user_url
link_url
link_image
link_rss
comment_url
post_guid

Top ↑

Source

File: wp-includes/formatting.php. View all references

function wp_strip_all_tags( $text, $remove_breaks = false ) {
	if ( is_null( $text ) ) {
		return '';
	}

	if ( ! is_scalar( $text ) ) {
		/*
		 * To maintain consistency with pre-PHP 8 error levels,
		 * trigger_error() is used to trigger an E_USER_WARNING,
		 * rather than _doing_it_wrong(), which triggers an E_USER_NOTICE.
		 */
		trigger_error(
			sprintf(
				/* translators: 1: The function name, 2: The argument number, 3: The argument name, 4: The expected type, 5: The provided type. */
				__( 'Warning: %1$s expects parameter %2$s (%3$s) to be a %4$s, %5$s given.' ),
				__FUNCTION__,
				'#1',
				'$text',
				'string',
				gettype( $text )
			),
			E_USER_WARNING
		);

		return '';
	}

	$text = preg_replace( '@<(script|style)[^>]*?>.*?</\\1>@si', '', $text );
	$text = strip_tags( $text );

	if ( $remove_breaks ) {
		$text = preg_replace( '/[\r\n\t ]+/', ' ', $text );
	}

	return trim( $text );
}

View on Trac View on GitHub

Top ↑

Uses

Uses
Uses	Description
__() wp-includes/l10n.php	Retrieves the translation of $text.

Top ↑

Used By

Used By
Used By	Description
WP_Font_Face::generate_and_print() wp-includes/fonts/class-wp-font-face.php	Generates and prints the `@font-face` styles for the given fonts.
WP_Style_Engine_CSS_Declarations::filter_declaration() wp-includes/style-engine/class-wp-style-engine-css-declarations.php	Filters a CSS property + value pair.
WP_REST_URL_Details_Controller::prepare_metadata_for_output() wp-includes/rest-api/endpoints/class-wp-rest-url-details-controller.php	Prepares the metadata by: – stripping all HTML tags and tag entities.
WP_Application_Passwords_List_Table::print_js_template_row() wp-admin/includes/class-wp-application-passwords-list-table.php	Prints the JavaScript template for the new row item.
WP_REST_Block_Directory_Controller::prepare_item_for_response() wp-includes/rest-api/endpoints/class-wp-rest-block-directory-controller.php	Parse block metadata for a block, and prepare it for an API response.
wp_check_comment_disallowed_list() wp-includes/comment.php	Checks if a comment contains disallowed characters or words.
Plugin_Installer_Skin::do_overwrite() wp-admin/includes/class-plugin-installer-skin.php	Checks if the plugin can be overwritten and outputs the HTML for overwriting a plugin on upload.
Theme_Installer_Skin::do_overwrite() wp-admin/includes/class-theme-installer-skin.php	Checks if the theme can be overwritten and outputs the HTML for overwriting a theme on upload.
WP_Recovery_Mode_Email_Service::send_recovery_mode_email() wp-includes/class-wp-recovery-mode-email-service.php	Sends the Recovery Mode email to the site admin email address.
_sanitize_text_fields() wp-includes/formatting.php	Internal helper function to sanitize a string from user input or from the database.
WP_Screen::render_list_table_columns_preferences() wp-admin/includes/class-wp-screen.php	Renders the list table columns preferences.
WP_List_Table::single_row_columns() wp-admin/includes/class-wp-list-table.php	Generates the columns for a single row of the table.
WP_Users_List_Table::single_row() wp-admin/includes/class-wp-users-list-table.php	Generates HTML for a single row on the users.php admin panel.
media_upload_form_handler() wp-admin/includes/media.php	Handles form submissions for the legacy media uploader.
edit_post() wp-admin/includes/post.php	Updates an existing post with values provided in `$_POST`.
wp_ajax_save_attachment() wp-admin/includes/ajax-actions.php	Handles updating attachment attributes via AJAX.
wp_html_excerpt() wp-includes/formatting.php	Safely extracts not more than the first $count characters from HTML string.
wp_trim_words() wp-includes/formatting.php	Trims text to a certain number of words.
sanitize_user() wp-includes/formatting.php	Sanitizes a username, stripping out unsafe characters.
wp_setup_nav_menu_item() wp-includes/nav-menu.php	Decorates a menu item object with the shared navigation menu item properties.