Question

sanitize_html_class( string $class,  string $fallback = '' )

Sanitizes an HTML classname to ensure it only contains valid characters.

---

description

Strips the string down to A-Z,a-z,0-9,_,-. If this results in an empty string then it will return the alternative value supplied.

---

参数

$class

(string) (Required) The classname to be sanitized

$fallback

(string) (Optional) The value to return if the sanitization ends up as an empty string. Defaults to an empty string.

Default value: ''

---

返回值

(string) The sanitized value

---

源代码

File: wp-includes/formatting.php

function sanitize_html_class( $class, $fallback = '' ) {
	//Strip out any % encoded octets
	$sanitized = preg_replace( '|%[a-fA-F0-9][a-fA-F0-9]|', '', $class );

	//Limit to A-Z,a-z,0-9,_,-
	$sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $sanitized );

	if ( '' == $sanitized && $fallback ) {
		return sanitize_html_class( $fallback );
	}
	/**
	 * Filters a sanitized HTML class string.
	 *
	 * @since 2.8.0
	 *
	 * @param string $sanitized The sanitized HTML class.
	 * @param string $class     HTML class before sanitization.
	 * @param string $fallback  The fallback string.
	 */
	return apply_filters( 'sanitize_html_class', $sanitized, $class, $fallback );
}

---

更新日志

Version	description
2.8.0	Introduced.

---

相关函数

Uses

• wp-includes/formatting.php: sanitize_html_class()
• wp-includes/formatting.php: sanitize_html_class
• wp-includes/plugin.php: apply_filters()

---

Used By

• wp-admin/includes/class-wp-media-list-table.php: WP_Media_List_Table::column_title()
• wp-admin/includes/class-wp-press-this.php: WP_Press_This::html()
• wp-includes/link-template.php: _navigation_markup()
• wp-login.php: login_header()
• wp-admin/includes/class-wp-screen.php: WP_Screen::add_help_tab()
• wp-admin/includes/class-wp-plugin-install-list-table.php: WP_Plugin_Install_List_Table::display_rows()
• wp-admin/includes/template.php: iframe_header()
• wp-admin/includes/media.php: attachment_submitbox_metadata()
• wp-admin/menu-header.php: _wp_menu_output()
• wp-includes/formatting.php: sanitize_html_class()
• wp-includes/post-template.php: get_post_class()
• wp-includes/post-template.php: get_body_class()
• wp-includes/media.php: gallery_shortcode()
• wp-includes/media.php: img_caption_shortcode()
• wp-includes/comment-template.php: get_comment_class()
• wp-includes/class-wp-editor.php: _WP_Editors::editor_settings()
Show 11 more used by Hide more used by

---

User Contributed Notes

1. Skip to note content You must log in to vote on the helpfulness of this noteVote results for this note: 0You must log in to vote on the helpfulness of this note Contributed by Codex

   Basic Example

   
   <?php
   // If you want to explicitly style a post, you can use the sanitized version of the post title as a class
   $post_class = sanitize_html_class( $post->post_title );
   echo '<div class="' . esc_attr( $post_class ) . '">';
   ?>
   

Created this function to help escape multiple HTML classes, you can give it an array of classes or a string of them separated by a delimiter:

if( ! function_exists("sanitize_html_classes") ){
    function sanitize_html_classes($classes, $sep = " "){
        $return = "";

        if(!is_array($classes)) {
            $classes = explode($sep, $classes);
        }

        if(!empty($classes)){
            foreach($classes as $class){
                $return .= sanitize_html_class($class) . " ";
            }
        }

        return $return;
    }
}