W3cubDocs

/WordPress

sanitize_text_field( string $str )

Sanitizes a string from user input or from the database.

Description

  • Checks for invalid UTF-8,
  • Converts single < characters to entities
  • Strips all tags
  • Removes line breaks, tabs, and extra whitespace
  • Strips octets

See also

Parameters

$str

(string) (Required) String to sanitize.

Return

(string) Sanitized string.

More Information

Basic Usage

<?php sanitize_text_field( $str ) ?>

Source

File: wp-includes/formatting.php 

function sanitize_text_field( $str ) {
	$filtered = _sanitize_text_fields( $str, false );

	/**
	 * Filters a sanitized text field string.
	 *
	 * @since 2.9.0
	 *
	 * @param string $filtered The sanitized string.
	 * @param string $str      The string prior to being sanitized.
	 */
	return apply_filters( 'sanitize_text_field', $filtered, $str );
}

Uses

Uses Description
wp-includes/formatting.php: _sanitize_text_fields()

Internal helper function to sanitize a string from user input or from the db
wp-includes/formatting.php: sanitize_text_field

Filters a sanitized text field string.
wp-includes/plugin.php: apply_filters()

Calls the callback functions that have been added to a filter hook.

Used By

Used By Description
wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php: WP_REST_Plugins_Controller::sanitize_plugin_param()

Sanitizes the “plugin” parameter to be a proper plugin file with “.php” appended.
wp-includes/sitemaps/class-wp-sitemaps.php: WP_Sitemaps::render_sitemaps()

Renders sitemap templates based on rewrite rules.
wp-admin/includes/ajax-actions.php: wp_ajax_toggle_auto_updates()

Ajax handler to enable or disable plugin and theme auto-updates.
wp-admin/includes/class-wp-debug-data.php: WP_Debug_Data::debug_data()

Static function for generating site debug data when required.
wp-admin/includes/ajax-actions.php: wp_ajax_health_check_get_sizes()

Ajax handler for site health check to get directories and database sizes.
wp-includes/l10n.php: determine_locale()

Determine the current locale desired for the request.
wp-admin/includes/class-wp-privacy-requests-table.php: WP_Privacy_Requests_Table::get_views()

Get an associative array ( id => link ) with the list of views available on this table.
wp-admin/includes/class-wp-privacy-requests-table.php: WP_Privacy_Requests_Table::prepare_items()

Prepare items to output.
wp-admin/includes/privacy-tools.php: _wp_personal_data_handle_actions()

Handle list table actions.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::handle_load_themes_request()

Load themes into the theme browsing/installation UI.
wp-includes/widgets/class-wp-widget-custom-html.php: WP_Widget_Custom_HTML::update()

Handles updating settings for the current Custom HTML widget instance.
wp-includes/rest-api.php: rest_sanitize_value_from_schema()

Sanitize a value based on a schema.
wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php: WP_REST_Attachments_Controller::create_item()

Creates a single attachment.
wp-admin/includes/ajax-actions.php: wp_ajax_delete_plugin()

Ajax handler for deleting a plugin.
wp-includes/customize/class-wp-customize-nav-menu-setting.php: WP_Customize_Nav_Menu_Setting::sanitize()

Sanitize an input.
wp-includes/customize/class-wp-customize-nav-menu-item-setting.php: WP_Customize_Nav_Menu_Item_Setting::sanitize()

Sanitize an input.
wp-includes/class-wp-customize-nav-menus.php: WP_Customize_Nav_Menus::ajax_search_available_items()

Ajax handler for searching available menu items.
wp-admin/includes/ajax-actions.php: wp_ajax_update_plugin()

Ajax handler for updating a plugin.
wp-signup.php: validate_another_blog_signup()

Validate a new site signup for an existing user.
wp-signup.php: validate_blog_signup()

Validate new site signup
wp-admin/includes/user.php: edit_user()

Edit user settings based on contents of $_POST
wp-admin/includes/media.php: media_handle_upload()

Saves a file submitted from a POST request and create an attachment post for it.
wp-admin/includes/post.php: edit_post()

Update an existing post with values provided in $_POST.
wp-admin/includes/ajax-actions.php: wp_ajax_save_attachment()

Ajax handler for updating attachment attributes.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::save()

Handle customize_save WP Ajax request to save/update a changeset.
wp-includes/widgets/class-wp-nav-menu-widget.php: WP_Nav_Menu_Widget::update()

Handles updating settings for the current Navigation Menu widget instance.
wp-includes/widgets/class-wp-widget-recent-comments.php: WP_Widget_Recent_Comments::update()

Handles updating settings for the current Recent Comments widget instance.
wp-includes/widgets/class-wp-widget-tag-cloud.php: WP_Widget_Tag_Cloud::update()

Handles updating settings for the current Tag Cloud widget instance.
wp-includes/widgets/class-wp-widget-categories.php: WP_Widget_Categories::update()

Handles updating settings for the current Categories widget instance.
wp-includes/widgets/class-wp-widget-recent-posts.php: WP_Widget_Recent_Posts::update()

Handles updating the settings for the current Recent Posts widget instance.
wp-includes/widgets/class-wp-widget-text.php: WP_Widget_Text::update()

Handles updating settings for the current Text widget instance.
wp-includes/widgets/class-wp-widget-calendar.php: WP_Widget_Calendar::update()

Handles updating settings for the current Calendar widget instance.
wp-includes/widgets/class-wp-widget-archives.php: WP_Widget_Archives::update()

Handles updating settings for the current Archives widget instance.
wp-includes/widgets/class-wp-widget-search.php: WP_Widget_Search::update()

Handles updating settings for the current Search widget instance.
wp-includes/widgets/class-wp-widget-meta.php: WP_Widget_Meta::update()

Handles updating settings for the current Meta widget instance.
wp-includes/widgets/class-wp-widget-pages.php: WP_Widget_Pages::update()

Handles updating settings for the current Pages widget instance.
wp-includes/post-template.php: wp_page_menu()

Displays or retrieves a list of pages with an optional home link.

Changelog

Version Description
2.9.0 Introduced.

© 2003–2019 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/sanitize_text_field