WordPress Security Standards want me to escape my html, but how to do it correctly?

phpwordpresselementorcodesniffer


PHP Snippet 1:

$output = "<HTML>
    <form>
        <div>
            <label>$i_am</label>
            <input type='text' name='i_am' value='' />
        </div>
        <div>
            <label>$and_i_am_looking_for</label>
            <input type='text' name='and_i_am_looking_for' value='' />
        </div>
    </form>
</HTML>";

PHP Snippet 2:

echo wp_kses(
    $output,
    array(
        'form'  => array(),
        'div'   => array(),
        'label' => array(),
        'input' => array(
            'type',
            'name',
            'value',
        ),
    )
);

Related Snippets

Symfony there are no commands defined in the "make" namespace

GA4 custom event from server side, can someone tell me how i can do the following code in php?

How can I get new CSRF token in LARAVEL by using ajax

Laravel post contact form giving me error 419

"cannot list resources" error from WooCommerce REST API

Laravel no logout option from menu after successfull login

CodeIgniter 4: Like and Dislike Functionality

Laravel php artisan serve to mimic HTTPS

Limit WooCommerce products in cart only from one custom taxonomy

Symfony run hint kernel.secret parameter not found

Uncaught TypeError: Cannot read property 'length' of null when retrieving tags from wp

laravel 5.6 bulk inserting json data

Add New Parameter to Existing URL using htaccess

I want to display default profile image if user do not have profile image

Malformed MIME header error in Symfony 5.3