WordPress.org

Function Reference/wp kses

Contents 1 Description 2 Usage 3 Parameters 4 Return 5 Examples 5.1 Allowed HTML Tags Array 6 Further Reading

Description

This function makes sure that only the allowed HTML element names, attribute names and attribute values plus only sane HTML entities will occur in $string. You have to remove any slashes from PHP's magic quotes before you call this function.

Usage

 <?php wp_kses($string, $allowed_html, $allowed_protocols); ?> 

Parameters

$string

(string) Content to filter through kses

$allowed_html

(array) List of allowed HTML elements

$allowed_protocols

(array) (optional) Allow links in $string to these protocols.

The default allowed protocols are http, https, ftp, mailto, news, irc, gopher, nntp, feed, and telnet. This covers all common link protocols, except for javascript, which should not be allowed for untrusted users.

Return

This function returns a filtered string of HTML.

Examples

Allowed HTML Tags Array

This is an example of how to format an array of allowed HTML tags and attributes.

array('a' => array('href' => array(),'title' => array()),'br' => array(),'em' => array(),'strong' => array());

Further Reading

For a comprehensive list of functions, take a look at the category Functions

Also, see Function_Reference

• Home Page
• WordPress Lessons
• Getting Started
• Working with WordPress
• Design and Layout
• Advanced Topics
• Troubleshooting
• Developer Docs
• About WordPress

Codex Resources

• Community portal
• Current events
• Recent changes
• Random page
• Help