wp_specialchars
Legacy escaping for HTML blocks.
Description
(string) wp_specialchars( (string) $string, (constant) $quote_style = ENT_NOQUOTES, (constant) $charset = false, (bool) $double_encode = false );
Returns (string)
Escaped `$string`.
Parameters (4)
- 0. $string (string)
- String to escape.
- 1. $quote_style — Optional. (constant) =>
ENT_NOQUOTES
- The quote style.
- 2. $charset — Optional. (constant) =>
false
- The charset.
- 3. $double_encode — Optional. (bool) =>
false
- Whether to double encode. Unused.
Usage
if ( !function_exists( 'wp_specialchars' ) ) { require_once ABSPATH . WPINC . '/deprecated.php'; } // String to escape. $string = ''; // The quote style. $quote_style = ENT_NOQUOTES; // The charset. $charset = false; // Whether to double encode. Unused. $double_encode = false; // NOTICE! Understand what this does before running. $result = wp_specialchars($string, $quote_style, $charset, $double_encode);
Defined (2)
The function is defined in the following location(s).
- /wp-includes/deprecated.php
- function wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) {
- _deprecated_function( __FUNCTION__, '2.8.0', 'esc_html()' );
- if ( func_num_args() > 1 ) { // Maintain back-compat for people passing additional arguments.
- $args = func_get_args();
- return call_user_func_array( '_wp_specialchars', $args );
- } else {
- return esc_html( $string );
- }
- }
- /wp-includes/formatting.php
- function _wp_specialchars( $string, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) {
- $string = (string) $string;
- if ( 0 === strlen( $string ) )
- return '';
- // Don't bother if there are no specialchars - saves some processing
- if ( ! preg_match( '/[&<>"\']/', $string ) )
- return $string;
- // Account for the previous behaviour of the function when the $quote_style is not an accepted value
- if ( empty( $quote_style ) )
- $quote_style = ENT_NOQUOTES;
- elseif ( ! in_array( $quote_style, array( 0, 2, 3, 'single', 'double' ), true ) )
- $quote_style = ENT_QUOTES;
- // Store the site charset as a static to avoid multiple calls to wp_load_alloptions()
- if ( ! $charset ) {
- static $_charset = null;
- if ( ! isset( $_charset ) ) {
- $alloptions = wp_load_alloptions();
- $_charset = isset( $alloptions['blog_charset'] ) ? $alloptions['blog_charset'] : '';
- }
- $charset = $_charset;
- }
- if ( in_array( $charset, array( 'utf8', 'utf-8', 'UTF8' ) ) )
- $charset = 'UTF-8';
- $_quote_style = $quote_style;
- if ( $quote_style === 'double' ) {
- $quote_style = ENT_COMPAT;
- $_quote_style = ENT_COMPAT;
- } elseif ( $quote_style === 'single' ) {
- $quote_style = ENT_NOQUOTES;
- }
- if ( ! $double_encode ) {
- // Guarantee every &entity; is valid, convert &garbage; into &garbage;
- // This is required for PHP < 5.4.0 because ENT_HTML401 flag is unavailable.
- $string = wp_kses_normalize_entities( $string );
- }
- $string = @htmlspecialchars( $string, $quote_style, $charset, $double_encode );
- // Back-compat.
- if ( 'single' === $_quote_style )
- $string = str_replace( "'", ''', $string );
- return $string;
- }