Help us to improve the Codex by filling out our documentation survey!Function Reference/esc attr
Languages: English • Português do Brasil • 中文(简体) • (Add your language)
Contents |
Description
Encodes the <, >, &, " and ' (less than, greater than, ampersand, double quote and single quote) characters. Will never double encode entities.
Always use when escaping HTML attributes (especially form values) such as alt, value, title, etc. To escape and echo the value of a translation use esc_attr_e() instead.
Usage
<?php $fname = esc_attr( $fname ); ?>
Parameters
- $text
- (string) (required) The text which is to be encoded.
- Default: None
Return Values
- (string)
- The encoded text with HTML entities.
Examples
<?php echo '<input type="text" name="fname" value="' . esc_attr( $_POST['fname'] ) . '">'; ?>
Change Log
Since: 2.8.0
Source File
esc_attr() is located in wp-includes/formatting.php.
Related
- esc_html()
- esc_attr()
- esc_attr__()
- esc_attr_e()
- esc_js()
- esc_textarea()
- esc_url()
See: Data Validation article for an in-depth discussion of input and output sanitization.
See also index of Function Reference and index of Template Tags.
