WordPress.org

Languages: English • 日本語 (Add your language)

Description

Escaping for HTML blocks.

Usage

<?php esc_html( $text ) ?>

Parameters

$text

(string) (required) Text to escape

Default: None

Return Values

HTML (string) 

Escaped HTML string.

Examples

$html = esc_html( '<a href="http://www.example.com/">A link</a>' );

$html now contains this:

<a href="http://www.example.com/">A link</a>

Which would be displayed in an HTML document as:

<a href="http://www.example.com/">A link</a>

Instead of this:

A link

Notes

• Uses the 'esc_html' filter.
• To safely display processed html, use either the 'wp_kses' or 'wp_kses_post' function.
• This function will not double-escape special characters. For instance, echo esc_html( 'A & B' ); will print A & B, instead of A & B

Change Log

• Since: 2.8.0

Source File

esc_html() is located in wp-includes/formatting.php.

Related

See: Data Validation article for an in-depth discussion of input and output sanitization.

• esc_html()
  • esc_html__()
  • esc_html_e()
• esc_attr()
  • esc_attr__()
  • esc_attr_e()
• esc_js()
• esc_sql()
• esc_textarea()
• esc_url()
  • esc_url_raw()