_wp_specialchars [ WordPress Functions ]
_wp_specialchars ( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false )
| Access: |
|
| Parameters: |
|
| Returns: |
|
| Defined at: |
|
| Codex |
Similar Functions: wp_specialchars, wp_specialchars_decode, wp_cache_reset, wp_slash, wp_get_nocache_headers
Converts a number of special characters into their HTML entities.
Specifically deals with: &, <, >, ", and '.
$quote_style can be set to ENT_COMPAT to encode " to ", or ENT_QUOTES to do both. Default is ENT_NOQUOTES where no quotes are encoded.
Source
function _wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) {
$string = (string) $string;
if ( 0 === strlen( $string ) )
return '';
// Don't bother if there are no specialchars - saves some processing
if ( ! preg_match( '/[&<>"\']/', $string ) )
return $string;
// Account for the previous behaviour of the function when the $quote_style is not an accepted value
if ( empty( $quote_style ) )
$quote_style = ENT_NOQUOTES;
elseif ( ! in_array( $quote_style, array( 0, 2, 3, 'single', 'double' ), true ) )
$quote_style = ENT_QUOTES;
// Store the site charset as a static to avoid multiple calls to wp_load_alloptions()
if ( ! $charset ) {
static $_charset;
if ( ! isset( $_charset ) ) {
$alloptions = wp_load_alloptions();
$_charset = isset( $alloptions['blog_charset'] ) ? $alloptions['blog_charset'] : '';
}
$charset = $_charset;
}
if ( in_array( $charset, array( 'utf8', 'utf-8', 'UTF8' ) ) )
$charset = 'UTF-8';
$_quote_style = $quote_style;
if ( $quote_style === 'double' ) {
$quote_style = ENT_COMPAT;
$_quote_style = ENT_COMPAT;
} elseif ( $quote_style === 'single' ) {
$quote_style = ENT_NOQUOTES;
}
// Handle double encoding ourselves
if ( $double_encode ) {
$string = @htmlspecialchars( $string, $quote_style, $charset );
} else {
// Decode & into &
$string = wp_specialchars_decode( $string, $_quote_style );
// Guarantee every &entity; is valid or re-encode the &
$string = wp_kses_normalize_entities( $string );
// Now re-encode everything except &entity;
$string = preg_split( '/(&#?x?[0-9a-z]+;)/i', $string, -1, PREG_SPLIT_DELIM_CAPTURE );
for ( $i = 0; $i < count( $string ); $i += 2 )
$string[$i] = @htmlspecialchars( $string[$i], $quote_style, $charset );
$string = implode( '', $string );
}
// Backwards compatibility
if ( 'single' === $_quote_style )
$string = str_replace( "'", ''', $string );
return $string;
}Examples [ wp-snippets.com ]
Top Google Search Results
- _wp_specialchars (WordPress Function) - WPSeek.com
6 days ago ... Converts a number of special characters into their HTML entities. WordPress lookup for _wp_specialchars, a WordPress Function.
wpseek.com - Function Reference/wp specialchars « WordPress Codex
Description. This function is deprecated as of WordPress 2.8.0. Please use esc_html instead. Converts a number of special characters into their HTML entities.
codex.wordpress.org - file - WordPress
Run only on admin pages for defense in depth. add_filter( $filter, ' sanitize_text_field' ); add_filter( $filter, 'wp_kses_data' ); } add_filter( $filter, ' _wp_specialchars' ...
core.svn.wordpress.org - why is esc_html() - WordPress Answers - Stack Exchange
Apr 15, 2011 ... If not that, then it's getting sanitized when filtered by _wp_specialchars() , which does double-encoding(by default,no) and all sorts of things.
wordpress.stackexchange.com