esc_js
Escape single quotes, htmlspecialchar " &, and fix line endings.
Description
(string) esc_js( (string) $text );
Escapes text strings for echoing in JS. It is intended to be used for inline JS (in a tag attribute, for example onclick="..."). Note that the strings have to be in single quotes. The filter is also applied here.
Returns (string)
Escaped text.
Parameters (1)
- 0. $text (string)
- The text to be escaped.
Usage
if ( !function_exists( 'esc_js' ) ) { require_once ABSPATH . WPINC . '/formatting.php'; } // The text to be escaped. $text = ''; // NOTICE! Understand what this does before running. $result = esc_js($text);
Defined (1)
The function is defined in the following location(s).
- /wp-includes/formatting.php
- function esc_js( $text ) {
- $safe_text = wp_check_invalid_utf8( $text );
- $safe_text = _wp_specialchars( $safe_text, ENT_COMPAT );
- $safe_text = preg_replace( '/(x)?0*(?(1)27|39);?/i', "'", stripslashes( $safe_text ) );
- $safe_text = str_replace( "\r", '', $safe_text );
- $safe_text = str_replace( "\n", '\\n', addslashes( $safe_text ) );
- /**
- * Filters a string cleaned and escaped for output in JavaScript.
- *
- * Text passed to esc_js() is stripped of invalid or special characters,
- * and properly slashed for output.
- *
- * @since 2.0.6
- *
- * @param string $safe_text The text after it has been escaped.
- * @param string $text The text prior to being escaped.
- */
- return apply_filters( 'js_escape', $safe_text, $text );
- }