Sanitize a string from user input or from the database.
Checks for invalid UTF-8, converts single < characters to entities, strips all tags, removes line breaks, tabs and extra white space, and strips octets.
Signature
sanitize_text_field( $str )
- str
- (string)
Return
(string)
Source
function sanitize_text_field($str) {
	$filtered = wp_check_invalid_utf8( $str );
	if ( strpos($filtered, '<') !== false ) {
		$filtered = wp_pre_kses_less_than( $filtered );
		// This will strip extra whitespace for us.
		$filtered = wp_strip_all_tags( $filtered, true );
	} else {
		$filtered = trim( preg_replace('/[\r\n\t ]+/', ' ', $filtered) );
	}
	$match = array();
	$found = false;
	while ( preg_match('/%[a-f0-9]{2}/i', $filtered, $match) ) {
		$filtered = str_replace($match[0], '', $filtered);
		$found = true;
	}
	if ( $found ) {
		// Strip out the whitespace that may now exist after removing the octets.
		$filtered = trim( preg_replace('/ +/', ' ', $filtered) );
	}
	return apply_filters('sanitize_text_field', $filtered, $str);
}
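The octet-stripping stage in the source above is a while loop that re-scans the string after every removal. The following added example (not WordPress code and not part of the original page) copies that stage into a stand-alone PHP script and compares it with a single regex pass on constructed inputs. The function names strip_octets_loop() and strip_octets_single_pass() are hypothetical.

```php
<?php
// Added example: stand-alone copy of the octet-stripping stage only.
// It does not load WordPress; both function names are hypothetical.

// Same logic as the while loop in sanitize_text_field().
function strip_octets_loop( $filtered ) {
	$match = array();
	$found = false;
	while ( preg_match( '/%[a-f0-9]{2}/i', $filtered, $match ) ) {
		// Removes every occurrence of the matched octet, then re-scans.
		$filtered = str_replace( $match[0], '', $filtered );
		$found    = true;
	}
	if ( $found ) {
		// Collapse the spaces left behind by removed octets.
		$filtered = trim( preg_replace( '/ +/', ' ', $filtered ) );
	}
	return $filtered;
}

// Comparison only: one regex pass, the result is never re-scanned.
function strip_octets_single_pass( $filtered ) {
	$filtered = preg_replace( '/%[a-f0-9]{2}/i', '', $filtered );
	return trim( preg_replace( '/ +/', ' ', $filtered ) );
}

// Constructed sample inputs.
$samples = array(
	'plain text',         // no octets, returned unchanged
	'a%20b',              // one encoded space
	'name %0d%0a value',  // encoded CR/LF between words
	'x%2%355y',           // removing %35 joins "%2" and "5" into %25
	'15%deposit',         // literal percent sign followed by hex-looking "de"
);

foreach ( $samples as $input ) {
	printf(
		"%-20s loop=[%s] single=[%s]\n",
		$input,
		strip_octets_loop( $input ),
		strip_octets_single_pass( $input )
	);
}
```

The fourth input shows why the function loops: a single pass leaves a new octet behind once the inner one is removed. The last input shows the side effect that a literal % followed by two hex characters in ordinary text is stripped as well.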