WordPress Security Standards want me to escape my html, but how to do it correctly?

phpwordpresselementorcodesniffer


PHP Snippet 1:

$output = "<HTML>
    <form>
        <div>
            <label>$i_am</label>
            <input type='text' name='i_am' value='' />
        </div>
        <div>
            <label>$and_i_am_looking_for</label>
            <input type='text' name='and_i_am_looking_for' value='' />
        </div>
    </form>
</HTML>";

PHP Snippet 2:

echo wp_kses(
    $output,
    array(
        'form'  => array(),
        'div'   => array(),
        'label' => array(),
        'input' => array(
            'type',
            'name',
            'value',
        ),
    )
);

Related Snippets

Add bold text and line break into Laravel Notification Email

PHP: How to solve ob_start() in combination imagepng() issue?

Do I need to install `fxp/composer-asset-plugin` if I'm not doing front-end development

How should I get started using PHPUnit as a testing framework for a bunch of functions and classes I have already made?

Get image type from base64 encoded src string

Symfony - "framework.test" config is not set to true

Dropzone: Submit both form data and dropzone at once

Filter WooCommerce products with post__in and additional meta queries

Boolean assignment operators in PHP

Display the default discounted price and percentage on Woocommerce products

In PHP, which is faster: preg_split or explode?

woocommerce_wp_select options array from product attribute terms

What is PHP's equivalent of JavaScript's "array.every()"?

Unable to guess the mime type as no guessers are available Laravel 5.2

Warning file_get_contents () failed to open stream: HTTP request failed! HTTP/1.0 402 Payment Required