WordPress Security Standards want me to escape my html, but how to do it correctly?

phpwordpresselementorcodesniffer


PHP Snippet 1:

$output = "<HTML>
    <form>
        <div>
            <label>$i_am</label>
            <input type='text' name='i_am' value='' />
        </div>
        <div>
            <label>$and_i_am_looking_for</label>
            <input type='text' name='and_i_am_looking_for' value='' />
        </div>
    </form>
</HTML>";

PHP Snippet 2:

echo wp_kses(
    $output,
    array(
        'form'  => array(),
        'div'   => array(),
        'label' => array(),
        'input' => array(
            'type',
            'name',
            'value',
        ),
    )
);

Related Snippets

Error when uploading certain .png files "Interlace handling should be turned on when using png_read_image"

How can I get a div content in php

Do I need to install `fxp/composer-asset-plugin` if I'm not doing front-end development

Prestashop webservice API creating cart rules

PDOException SQLSTATE[HY000] [2002] No such file or directory

Laravel 5 controller sending JSON integer as string

How can I make this nested location configuration use the correct path to call a php program?

How to change HTML structure inside WP <head>

Display Link Title Instead of URL in XSL

Hide email address with stars (*)

How to show selected value using javascript in laravel

How to loop a tree array with unknown depth and get array blocks?

Change the alert text on add to cart action without selected variation in Woocommerce

Attempt to read property "view" on null when sending password reset email

WordPress - Dynamically add user ID to the end of a URL