Converts a number of special characters into their HTML entities.
Specifically deals with: &, <, >, ", and '.
$quote_style can be set to ENT_COMPAT to encode " to ", or ENT_QUOTES to do both. Default is ENT_NOQUOTES where no quotes are encoded.
$textstringrequired
$quote_styleint|stringoptional
'single', double if set to 'double' or both if otherwise set.Default:ENT_NOQUOTES
$charsetfalse|stringoptional
Default:false
$double_encodebooloptional
Default:false
function _wp_specialchars( $text, $quote_style = ENT_NOQUOTES, $charset = false, $double_encode = false ) {
$text = (string) $text;
if ( 0 === strlen( $text ) ) {
return '';
}
// Don't bother if there are no specialchars - saves some processing.
if ( ! preg_match( '/[&<>"\']/', $text ) ) {
return $text;
}
// Account for the previous behavior of the function when the $quote_style is not an accepted value.
if ( empty( $quote_style ) ) {
$quote_style = ENT_NOQUOTES;
} elseif ( ENT_XML1 === $quote_style ) {
$quote_style = ENT_QUOTES | ENT_XML1;
} elseif ( ! in_array( $quote_style, array( ENT_NOQUOTES, ENT_COMPAT, ENT_QUOTES, 'single', 'double' ), true ) ) {
$quote_style = ENT_QUOTES;
}
$charset = _canonical_charset( $charset ? $charset : get_option( 'blog_charset' ) );
$_quote_style = $quote_style;
if ( 'double' === $quote_style ) {
$quote_style = ENT_COMPAT;
$_quote_style = ENT_COMPAT;
} elseif ( 'single' === $quote_style ) {
$quote_style = ENT_NOQUOTES;
}
if ( ! $double_encode ) {
/*
* Guarantee every &entity; is valid, convert &garbage; into &garbage;
* This is required for PHP < 5.4.0 because ENT_HTML401 flag is unavailable.
*/
$text = wp_kses_normalize_entities( $text, ( $quote_style & ENT_XML1 ) ? 'xml' : 'html' );
}
$text = htmlspecialchars( $text, $quote_style, $charset, $double_encode );
// Back-compat.
if ( 'single' === $_quote_style ) {
$text = str_replace( "'", ''', $text );
}
return $text;
}
© 2003–2024 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/_wp_specialchars