esc_js()

最后更新于：2021-11-26 04:03:46

esc_js( string$text)

Escape single quotes, htmlspecialchar ” &, and fix line endings.

参数

$text: (string) (Required) The text to be escaped.

响应

(string) Escaped text.

源文件

文件: gc-includes/formatting.php

function esc_js( $text ) {
	$safe_text = gc_check_invalid_utf8( $text );
	$safe_text = _gc_specialchars( $safe_text, ENT_COMPAT );
	$safe_text = preg_replace( '/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes( $safe_text ) );
	$safe_text = str_replace( "r", '', $safe_text );
	$safe_text = str_replace( "n", '\n', addslashes( $safe_text ) );
	/**
	 * Filters a string cleaned and escaped for output in JavaScript.
	 *
	 * Text passed to esc_js() is stripped of invalid or special characters,
	 * and properly slashed for output.
	 *
	 * @since 2.0.6
	 *
	 * @param string $safe_text The text after it has been escaped.
	 * @param string $text      The text prior to being escaped.
	 */
	return apply_filters( 'js_escape', $safe_text, $text );
}

<?php
$onfocus = sprintf( 
	'if ( %s === this.value ) { this.value = ""; }',
	gc_json_encode( $instance['input_text'] )
);
$onblur = sprintf(
	'if ( "" === this.value ) { this.value = %s; }',
	gc_json_encode( $instance['input_text'] )
);
?>
<input id="subbox" type="text" name="email"
	value="<?php echo esc_attr( $instance['input_text'] ); ?>"
	onfocus="<?php echo esc_attr( $onfocus ); ?>"
	onblur="<?php echo esc_attr( $onblur ); ?>" />