W3cubDocs

sanitize_html_class( string $class, string $fallback = '' )

Sanitizes an HTML classname to ensure it only contains valid characters.

Description

Strips the string down to A-Z,a-z,0-9,_,-. If this results in an empty string then it will return the alternative value supplied.

Parameters

$class

(string) (Required) The classname to be sanitized

$fallback

(string) (Optional) The value to return if the sanitization ends up as an empty string. Defaults to an empty string.

Default value: ''

Return

(string) The sanitized value

Source

File: wp-includes/formatting.php

function sanitize_html_class( $class, $fallback = '' ) {
	// Strip out any %-encoded octets.
	$sanitized = preg_replace( '|%[a-fA-F0-9][a-fA-F0-9]|', '', $class );

	// Limit to A-Z, a-z, 0-9, '_', '-'.
	$sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $sanitized );

	if ( '' === $sanitized && $fallback ) {
		return sanitize_html_class( $fallback );
	}
	/**
	 * Filters a sanitized HTML class string.
	 *
	 * @since 2.8.0
	 *
	 * @param string $sanitized The sanitized HTML class.
	 * @param string $class     HTML class before sanitization.
	 * @param string $fallback  The fallback string.
	 */
	return apply_filters( 'sanitize_html_class', $sanitized, $class, $fallback );
}

Uses

Uses	Description
wp-includes/formatting.php: sanitize_html_class()	Sanitizes an HTML classname to ensure it only contains valid characters.
wp-includes/formatting.php: sanitize_html_class	Filters a sanitized HTML class string.
wp-includes/plugin.php: apply_filters()	Calls the callback functions that have been added to a filter hook.

Used By

Used By	Description
wp-admin/includes/class-wp-media-list-table.php: WP_Media_List_Table::column_title()	Handles the title column output.
wp-includes/link-template.php: _navigation_markup()	Wraps passed links in navigational markup.
wp-login.php: login_header()	Output the login page header.
wp-admin/includes/class-wp-screen.php: WP_Screen::add_help_tab()	Add a help tab to the contextual help for the screen.
wp-admin/includes/class-wp-plugin-install-list-table.php: WP_Plugin_Install_List_Table::display_rows()
wp-admin/includes/template.php: iframe_header()	Generic Iframe header for use with Thickbox
wp-admin/includes/media.php: attachment_submitbox_metadata()	Displays non-editable attachment metadata in the publish meta box.
wp-admin/menu-header.php: _wp_menu_output()	Display menu.
wp-includes/formatting.php: sanitize_html_class()	Sanitizes an HTML classname to ensure it only contains valid characters.
wp-includes/post-template.php: get_post_class()	Retrieves an array of the class names for the post container element.
wp-includes/post-template.php: get_body_class()	Retrieves an array of the class names for the body element.
wp-includes/media.php: gallery_shortcode()	Builds the Gallery shortcode output.
wp-includes/media.php: img_caption_shortcode()	Builds the Caption shortcode output.
wp-includes/comment-template.php: get_comment_class()	Returns the classes for the comment div as an array.
wp-includes/class-wp-editor.php: _WP_Editors::editor_settings()

Changelog

Version	Description
2.8.0	Introduced.

© 2003–2019 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/sanitize_html_class