esc_js()
最后更新于:2021-11-26 04:03:46
esc_js( string$text)Escape single quotes, htmlspecialchar ” &, and fix line endings.
参数
- $text
-
(string) (Required) The text to be escaped.
响应
(string) Escaped text.
源文件
文件: gc-includes/formatting.php
function esc_js( $text ) {
$safe_text = gc_check_invalid_utf8( $text );
$safe_text = _gc_specialchars( $safe_text, ENT_COMPAT );
$safe_text = preg_replace( '/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes( $safe_text ) );
$safe_text = str_replace( "r", '', $safe_text );
$safe_text = str_replace( "n", '\n', addslashes( $safe_text ) );
/**
* Filters a string cleaned and escaped for output in JavaScript.
*
* Text passed to esc_js() is stripped of invalid or special characters,
* and properly slashed for output.
*
* @since 2.0.6
*
* @param string $safe_text The text after it has been escaped.
* @param string $text The text prior to being escaped.
*/
return apply_filters( 'js_escape', $safe_text, $text );
}
<?php $onfocus = sprintf( 'if ( %s === this.value ) { this.value = ""; }', gc_json_encode( $instance['input_text'] ) ); $onblur = sprintf( 'if ( "" === this.value ) { this.value = %s; }', gc_json_encode( $instance['input_text'] ) ); ?> <input id="subbox" type="text" name="email" value="<?php echo esc_attr( $instance['input_text'] ); ?>" onfocus="<?php echo esc_attr( $onfocus ); ?>" onblur="<?php echo esc_attr( $onblur ); ?>" />