esc_attr( string $text ). string Melarikan diri untuk atribut HTML
Isi
rangkaian
Encodes the , &, ” and ‘ (less than, greater than, ampersand, double quote and single quote) characters. Will never double encode entities.
Selalu gunakan saat keluar dari atribut HTML (terutama nilai formulir) seperti alt, nilai, judul, dll. Untuk menghindari nilai terjemahan, gunakan esc_attr__() sebagai gantinya;
Mengajukan. <!-- This is correct: --> <img src="<?php echo esc_url( $src ); ?>" /> <!-- This is OK, but the esc_attr() is unnecessary: --> <img src="<?php echo esc_attr( esc_url( $src ) ); ?>" /> <!-- This is *not* correct: --> <img src="<?php echo esc_attr( $src ); ?>" />8. View all references
function esc_attr( $text ) { $safe_text = wp_check_invalid_utf8( $text ); $safe_text = _wp_specialchars( $safe_text, ENT_QUOTES ); /** * Filters a string cleaned and escaped for output in an HTML attribute. * * Text passed to esc_attr() is stripped of invalid or special characters * before output. * * @since 2.0.6 * * @param string $safe_text The text after it has been escaped. * @param string $text The text prior to being escaped. */ return apply_filters( 'attribute_escape', $safe_text, $text ); }
Filters a string cleaned and escaped for output in an HTML attribute
Checks for invalid UTF8 in a string
_wp_specialchars() wp-includes/formatting. phpConverts a number of special characters into their HTML entities
apply_filters() wp-includes/plugin. phpCalls the callback functions that have been added to a filter hook
Adds <!-- This is correct: --> <img src="<?php echo esc_url( $src ); ?>" /> <!-- This is OK, but the esc_attr() is unnecessary: --> <img src="<?php echo esc_attr( esc_url( $src ) ); ?>" /> <!-- This is *not* correct: --> <img src="<?php echo esc_attr( $src ); ?>" />9 attribute to an <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">0 HTML tag
wp_preload_resources() wp-includes/general-template. phpPrints resource preloads directives to browsers
wp_list_users() wp-includes/user. phpLists all the users of the site, with several options available
WP_Theme_JSON. remove_insecure_settings() wp-includes/class-wp-theme-json. phpProcesses a setting node and returns the same node without the insecure settings
wp_robots() wp-includes/robots-template. phpDisplays the robots meta tag as necessary
wp_sanitize_script_attributes() wp-includes/script-loader. phpMembersihkan larik atribut ke dalam string atribut untuk ditempatkan di dalam tag
wp_iframe_tag_add_loading_attr() wp-includes/media. phpMenambahkan atribut <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">1 ke tag HTML <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">2
get_block_wrapper_attributes() wp-includes/class-wp-block-supports. phpMenghasilkan serangkaian atribut dengan menerapkan ke blok saat ini yang merender semua fitur yang didukung blok
WP_Application_Passwords_List_Table. column_revoke() wp-admin/includes/class-wp-application-passwords-list-table. phpMenangani keluaran kolom pencabutan
WP_Application_Passwords_List_Table. display_tablenav() wp-admin/includes/class-wp-application-passwords-list-table. phpMenghasilkan navigasi tabel khusus untuk mencegah nonces yang bertentangan
WP_Application_Passwords_List_Table. single_row() wp-admin/includes/class-wp-application-passwords-list-table. phpMenghasilkan konten untuk satu baris tabel
WP_Application_Passwords_List_Table. print_js_template_row() wp-admin/includes/class-wp-application-passwords-list-table. phpPrints the JavaScript template for the new row item
WP_Comments_List_Table. comment_type_dropdown() wp-admin/includes/class-wp-comments-list-table. phpDisplays a comment type drop-down for filtering on the Comments list table
wp_img_tag_add_loading_attr() wp-includes/media. phpAdds <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">1 attribute to an <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">0 HTML tag
wp_admin_viewport_meta() wp-admin/includes/misc. phpDisplays the viewport meta in the admin
wp_rel_callback() wp-includes/formatting. phpCallback to add a rel attribute to HTML A element
wp_credits_section_list() wp-admin/includes/credits. phpDisplays a list of contributors for a given group
WP_Privacy_Data_Removal_Requests_List_Table. column_email() wp-admin/includes/class-wp-privacy-data-removal-requests-list-table. phpActions column
WP_Privacy_Data_Removal_Requests_List_Table. column_next_steps() wp-admin/includes/class-wp-privacy-data-removal-requests-list-table. phpNext steps column
WP_Privacy_Data_Export_Requests_List_Table. column_email() wp-admin/includes/class-wp-privacy-data-export-requests-list-table. phpActions column
WP_Privacy_Data_Export_Requests_List_Table. column_next_steps() wp-admin/includes/class-wp-privacy-data-export-requests-list-table. phpDisplays the next steps column
wp_filter_oembed_iframe_title_attribute() wp-includes/embed. phpFilters the given oEmbed HTML to make sure iframes have a title attribute
WP_Site_Health. get_test_background_updates() wp-admin/includes/class-wp-site-health. phpTests if WordPress can run automated background updates
WP_Posts_List_Table. formats_dropdown() wp-admin/includes/class-wp-posts-list-table. phpDisplays a formats drop-down for filtering items
wp_targeted_link_rel_callback() wp-includes/formatting. phpCallback to add <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">5 string to HTML A element
WP_Scripts. print_translations() wp-includes/class-wp-scripts. phpPrints translations set for a specific handle
the_block_editor_meta_boxes() wp-admin/includes/post. phpRenders the meta boxes forms
the_block_editor_meta_box_post_form_hidden_fields() wp-admin/includes/post. phpRenders the hidden form required for the meta boxes form
wp_privacy_generate_personal_data_export_group_html() wp-admin/includes/privacy-tools. phpBuat satu grup untuk laporan ekspor data pribadi
wp_privacy_generate_personal_data_export_file() wp-admin/includes/privacy-tools. phpHasilkan file ekspor data pribadi
WP_Privacy_Requests_Table. column_status() wp-admin/includes/class-wp-privacy-requests-table. phpKolom status
WP_Privacy_Requests_Table. single_row() wp-admin/includes/class-wp-privacy-requests-table. phpMenghasilkan konten untuk satu baris tabel,
WP_Privacy_Requests_Table. column_cb() wp-admin/includes/class-wp-privacy-requests-table. phpkolom kotak centang
WP_Widget_Text. is_legacy_instance() wp-includes/widgets/class-wp-widget-text. phpMenentukan apakah instance yang diberikan adalah warisan dan harus dilewati menggunakan TinyMCE
WP_Widget_Media_Gallery. render_control_template_scripts() wp-include/widgets/class-wp-widget-media-gallery. phpRender skrip Templat formulir
WP_Widget_Custom_HTML. form() wp-includes/widgets/class-wp-widget-custom-html. phpMenghasilkan formulir pengaturan widget HTML Khusus
WP_Customize_Nav_Menu_Locations_Control. content_template() wp-includes/customize/class-wp-customize-nav-menu-locations-control. phpTemplate JS/Underscore untuk UI kontrol
WP_Customize_Themes_Section. filter_drawer_content_template() wp-includes/customize/class-wp-customize-themes-section. phpRender bagian laci filter dari bagian tema sebagai template JS
wp_load_press_this() wp-admin/tekan-ini. php wp_print_plugin_file_tree() wp-admin/includes/misc. phpMenampilkan daftar file yang diformat untuk editor file plugin
wp_print_theme_file_tree() wp-admin/includes/misc. phpMenampilkan daftar file yang diformat untuk editor file tema
WP_Widget_Media. form() wp-includes/widgets/class-wp-widget-media. phpMenghasilkan formulir pembaruan pengaturan
WP_Widget_Media. render_control_template_scripts() wp-includes/widgets/class-wp-widget-media. phpRender skrip Templat formulir
WP_Widget_Media_Image. render_media() wp-includes/widgets/class-wp-widget-media-image. phpRender media di frontend
WP_Widget_Media_Image. render_control_template_scripts() wp-includes/widgets/class-wp-widget-media-image. phpRender skrip Templat formulir
WP_Customize_Nav_Menus. print_post_type_container() wp-includes/class-wp-customize-nav-menus. phpMencetak markup untuk item menu baru
WP_Customize_Background_Position_Control. content_template() wp-includes/customize/class-wp-customize-background-position-control. phpRender template JS untuk konten kontrol posisi
wp_resource_hints() wp-includes/general-template. phpMencetak petunjuk sumber daya ke browser untuk pra-pengambilan, pra-render, dan pra-koneksi ke situs web
network_edit_site_nav() wp-admin/includes/ms. phpMengeluarkan HTML untuk antarmuka tabular "Edit Situs" jaringan
WP_Plugins_List_Table. search_box() wp-admin/includes/class-wp-plugins-list-table. phpMenampilkan kotak pencarian
WP_Script. print_inline_script() wp-includes/class-wp-scripts. phpMencetak skrip sebaris yang didaftarkan untuk pegangan tertentu
WP_Customize_Widgets. filter_dynamic_sidebar_params() wp-includes/class-wp-customize-widgets. phpMenyuntikkan atribut data penyegaran selektif ke dalam elemen penampung widget
get_post_embed_html() wp-includes/embed. phpMengambil kode embed untuk posting tertentu
get_the_author_posts_link() wp-includes/author-template. phpMengambil tautan HTML ke halaman penulis dari penulis posting saat ini
wp_image_add_srcset_and_sizes() wp-includes/media. phpMenambahkan atribut 'srcset' dan 'sizes' ke elemen 'img' yang ada
WP_Posts_List_Table. get_edit_link() wp-admin/includes/class-wp-posts-list-table. phpHelper untuk membuat link untuk mengedit. php dengan params
WP_Customize_Nav_Menu_Location_Control. render_content() wp-includes/customize/class-wp-customize-nav-menu-location-control. phpRender konten seperti kontrol pemilihan normal
WP_Customize_Panel. print_template() wp-includes/class-wp-customize-panel. phpRender template JS panel
get_language_attributes() wp-includes/general-template. phpMendapatkan atribut bahasa untuk tag 'html'
WP_Customize_Nav_Menus. filter_wp_nav_menu() wp-includes/class-wp-customize-nav-menus. phpMenyiapkan panggilan wp_nav_menu() untuk penyegaran sebagian
WP_Customize_New_Menu_Section. render() wp-includes/customize/class-wp-customize-new-menu-section. phpRender bagian tersebut, dan kontrol yang telah ditambahkan ke dalamnya
WP_Posts_List_Table. handle_row_actions() wp-admin/includes/class-wp-posts-list-table. phpMenghasilkan dan menampilkan tautan tindakan baris
WP_Posts_List_Table. column_title() wp-admin/includes/class-wp-posts-list-table. phpMenangani keluaran kolom judul
WP_Links_List_Table. column_cb() wp-admin/includes/class-wp-links-list-table. phpHandles the checkbox column output
WP_Links_List_Table. column_name() wp-admin/includes/class-wp-links-list-table. phpMenangani keluaran kolom nama tautan
WP_MS_Themes_List_Table. column_name() wp-admin/includes/class-wp-ms-themes-list-table. phpMenangani keluaran kolom nama
WP_MS_Themes_List_Table. column_description() wp-admin/includes/class-wp-ms-themes-list-table. phpMenangani output kolom deskripsi
Handles the checkbox column output
WP_MS_Sites_List_Table. column_cb() wp-admin/includes/class-wp-ms-sites-list-table. phpHandles the checkbox column output
WP_Terms_List_Table. handle_row_actions() wp-admin/includes/class-wp-terms-list-table. phpMenghasilkan dan menampilkan tautan tindakan baris
WP_MS_Users_List_Table. column_blogs() wp-admin/includes/class-wp-ms-users-list-table. phpMenangani keluaran kolom situs
WP_MS_Users_List_Table. column_cb() wp-admin/includes/class-wp-ms-users-list-table. phpHandles the checkbox column output
WP_Media_List_Table. column_parent() wp-admin/includes/class-wp-media-list-table. phpMenangani keluaran kolom induk
WP_Media_List_Table. column_title() wp-admin/includes/class-wp-media-list-table. phpMenangani keluaran kolom judul
wp_kses_one_attr() wp-includes/kses. phpMemfilter satu atribut HTML dan memastikan nilainya diizinkan
WP_Customize_Theme_Control. content_template() wp-includes/customize/class-wp-customize-theme-control. phpRender template JS untuk tampilan tema
customize_themes_print_templates() wp-admin/includes/theme. phpMencetak template JS untuk UI penjelajahan tema di Customizer
WP_Customize_Control. print_template() wp-includes/class-wp-customize-control. phpRender template JS kontrol
wp_dropdown_languages() wp-includes/l10n. phpMenampilkan atau mengembalikan pemilih Bahasa
WP_Customize_Control. input_attrs() wp-includes/class-wp-customize-control. phpRender atribut khusus untuk elemen input kontrol
wp_install_language_form() wp-admin/includes/translation-install. phpKeluarkan formulir pemilihan untuk pemilihan bahasa pada layar instalasi
login_footer() login-wp. phpMenghasilkan footer untuk halaman login
login_header() login-wp. phpKeluarkan header halaman login
show_user_form() pendaftaran wp. phpMenampilkan bidang untuk formulir pendaftaran akun pengguna baru
signup_blog() daftar-wp. phpMenampilkan formulir bagi pengguna atau pengunjung untuk mendaftar ke situs baru
show_blog_form() pendaftaran wp. phpMenghasilkan dan menampilkan formulir Daftar dan Buat Situs
network_step1() wp-admin/includes/network. phpMencetak langkah 1 untuk proses instalasi Jaringan
display_setup_form() wp-admin/instal. phpMenampilkan formulir penyiapan penginstal
WP_Screen. render_screen_layout() wp-admin/includes/class-wp-screen. phpMerender opsi untuk jumlah kolom pada halaman
WP_Screen. render_per_page_options() wp-admin/includes/class-wp-screen. phpMerender item per opsi halaman
get_theme_update_available() wp-admin/includes/theme. phpRetrieves the update link if there is a theme update available
WP_Screen. render_screen_meta() wp-admin/includes/class-wp-screen. phpRenders the screen’s help section
WP_Plugins_List_Table. single_row() wp-admin/includes/class-wp-plugins-list-table. php meta_box_prefs() wp-admin/includes/screen. phpPrints the meta box preferences for screen meta
WP_Links_List_Table. display_rows() wp-admin/includes/class-wp-links-list-table. php install_theme_search_form() wp-admin/includes/theme-install. phpDisplays search form for searching themes
install_themes_dashboard() wp-admin/includes/theme-install. phpDisplays tags filter for themes
Bulk_Upgrader_Skin. before() wp-admin/includes/class-bulk-upgrader-skin. php Bulk_Upgrader_Skin. after() wp-admin/includes/class-bulk-upgrader-skin. php WP_List_Table. single_row_columns() wp-admin/includes/class-wp-list-table. phpGenerates the columns for a single row of the table
WP_List_Table. view_switcher() wp-admin/includes/class-wp-list-table. phpDisplays a view switcher
WP_List_Table. get_table_classes() wp-admin/includes/class-wp-list-table. phpGets a list of CSS classes for the WP_List_Table table tag
WP_List_Table. display_tablenav() wp-admin/includes/class-wp-list-table. phpGenerates the table navigation above or below the table
WP_List_Table. search_box() wp-admin/includes/class-wp-list-table. phpMenampilkan kotak pencarian
WP_List_Table. bulk_actions() wp-admin/includes/class-wp-list-table. phpDisplays the bulk actions dropdown
WP_List_Table. months_dropdown() wp-admin/includes/class-wp-list-table. phpDisplays a dropdown for filtering items in the list table by month
mu_dropdown_languages() wp-admin/includes/ms. phpGenerates and displays a drop-down of available languages
wp_image_editor() wp-admin/includes/image-edit. phpLoads the WP image-editing interface
WP_MS_Themes_List_Table. single_row() wp-admin/includes/class-wp-ms-themes-list-table. php admin_color_scheme_picker() wp-admin/includes/misc. phpDisplays the default admin color scheme picker (Used in user-edit. php)
WP_Theme_Install_List_Table. install_theme_info() wp-admin/includes/class-wp-theme-install-list-table. phpPrints the info for a theme (to be used in the theme installer modal)
get_terms_to_edit() wp-admin/includes/taxonomy. phpGets comma-separated list of terms available to edit for the given post ID
WP_Theme_Install_List_Table. single_row() wp-admin/includes/class-wp-theme-install-list-table. phpPrints a theme from the WordPress. org API
wp_plugin_update_row() wp-admin/includes/update. phpDisplays update information for a plugin
wp_theme_update_row() wp-admin/includes/update. phpDisplays update information for a theme
install_search_form() wp-admin/includes/plugin-install. phpDisplays a search form for searching plugins
install_plugins_favorites_form() wp-admin/includes/plugin-install. phpMenampilkan formulir nama pengguna untuk halaman favorit
install_plugin_information() wp-admin/includes/plugin-install. phpMenampilkan informasi plugin dalam bentuk kotak dialog
wp_dashboard_recent_posts() wp-admin/includes/dashboard. phpMenghasilkan bagian Segera Diterbitkan dan Baru Diterbitkan
wp_dashboard_browser_nag() wp-admin/includes/dashboard. phpMenampilkan cerewet pembaruan browser
wp_dashboard_plugins_output() wp-admin/includes/deprecated. phpTampilkan teks plugin untuk widget berita WordPress
_wp_dashboard_control_callback() wp-admin/includes/dashboard. phpKontrol output untuk widget dasbor saat ini
wp_dashboard_recent_drafts() wp-admin/includes/dashboard. phpShow recent drafts of the user on the dashboard
settings_fields() wp-admin/includes/plugin. phpOutputs nonce, action, and option_page fields for a settings page
WP_Plugin_Install_List_Table. display_rows() wp-admin/includes/class-wp-plugin-install-list-table. php get_submit_button() wp-admin/includes/template. phpReturns a submit button, with provided text and appropriate class
do_settings_sections() wp-admin/includes/template. phpPrints out all settings sections added to a particular settings page
do_settings_fields() wp-admin/includes/template. phpPrints out the settings fields for a particular settings section
settings_errors() wp-admin/includes/template. phpDisplays settings errors registered by add_settings_error()
find_posts_div() wp-admin/includes/template. phpOutputs the modal window used for attaching media to posts or pages in the media-listing screen
the_post_password() wp-admin/includes/template. phpDisplays the post password
_admin_search_query() wp-admin/includes/template. phpDisplays the search query
wp_comment_reply() wp-admin/includes/template. phpOutputs the in-line comment reply-to form in the Comments list table
_list_meta_row() wp-admin/includes/template. phpOutputs a single row of public meta data in the Custom Fields meta box
meta_form() wp-admin/includes/template. phpPrints the form in the Custom Fields meta box
page_template_dropdown() wp-admin/includes/template. phpPrints out option HTML elements for the page templates drop-down
wp_dropdown_roles() wp-admin/includes/template. phpPrints out option HTML elements for role selectors
do_meta_boxes() wp-admin/includes/template. phpMeta-Box template function
do_accordion_sections() wp-admin/includes/template. phpMeta Box Accordion Template Function
WP_Themes_List_Table. display_rows() wp-admin/includes/class-wp-themes-list-table. php WP_Themes_List_Table. _js_vars() wp-admin/includes/class-wp-themes-list-table. phpSend required variables to JavaScript land
WP_Users_List_Table. single_row() wp-admin/includes/class-wp-users-list-table. phpGenerate HTML for a single row on the users. php admin panel
media_upload_gallery_form() wp-admin/includes/media. phpAdds gallery form to upload iframe
media_upload_library_form() wp-admin/includes/media. phpOutputs the legacy media upload form for the media library
edit_form_image_editor() wp-admin/includes/media. phpDisplays the image and editor in the post editor
attachment_submitbox_metadata() wp-admin/includes/media. phpDisplays non-editable attachment metadata in the publish meta box
get_attachment_fields_to_edit() wp-admin/includes/media. phpRetrieves the attachment fields to edit form fields
get_media_item() wp-admin/includes/media. phpRetrieves HTML form for modifying the image attachment
get_compat_media_markup() wp-admin/includes/media. php media_upload_form_handler() wp-admin/includes/media. phpHandles form submissions for the legacy media uploader
wp_media_upload_handler() wp-admin/includes/media. phpHandles the process of uploading media
media_sideload_image() wp-admin/includes/media. phpDownloads an image from the specified URL, saves it as an attachment, and optionally attaches it to a post
image_align_input_fields() wp-admin/includes/media. phpRetrieves HTML for the image alignment radio buttons with the specified one checked
image_link_input_fields() wp-admin/includes/media. phpRetrieves HTML for the Link URL buttons with the default link type as specified
the_media_upload_tabs() wp-admin/includes/media. phpOutputs the legacy media upload tabs UI
get_image_send_to_editor() wp-admin/includes/media. phpMengambil gambar HTML untuk dikirim ke editor
media_buttons() wp-admin/includes/media. phpAdds the media button to the editor
_wp_post_thumbnail_html() wp-admin/includes/post. phpReturns HTML for the post thumbnail meta box
wp_ajax_find_posts() wp-admin/includes/ajax-actions. phpAjax handler for querying posts for the Find Posts modal
Penangan Ajax untuk menambahkan kategori tautan
post_trackback_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan kolom formulir link trackback
post_slug_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan bidang formulir siput
page_attributes_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan bidang formulir atribut halaman
link_xfn_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan bidang formulir XFN
link_advanced_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan bidang formulir opsi tautan lanjutan
attachment_id3_data_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan bidang untuk data ID3
post_submit_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan kolom formulir pengiriman kiriman
post_format_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan elemen formulir format posting
post_tags_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan bidang formulir tag pos
post_categories_meta_box() wp-admin/includes/meta-boxes. phpMenampilkan bidang formulir kategori pos
get_default_link_to_edit() wp-admin/includes/bookmark. phpMengambil tautan default untuk diedit
WP_Media_List_Table. get_views() wp-admin/includes/class-wp-media-list-table. php WP_Media_List_Table. _get_row_actions() wp-admin/includes/class-wp-media-list-table. php WP_Terms_List_Table. column_name() wp-admin/includes/class-wp-terms-list-table. php WP_Terms_List_Table. inline_edit() wp-admin/includes/class-wp-terms-list-table. phpMenampilkan baris tersembunyi yang ditampilkan saat pengeditan sebaris
Walker_Nav_Menu_Edit. start_el() wp-admin/includes/class-walker-nav-menu-edit. phpMulai keluaran elemen
Walker_Nav_Menu_Daftar Periksa. start_el() wp-admin/includes/class-walker-nav-menu-checklist. phpMulai keluaran elemen
wp_nav_menu_item_post_type_meta_box() wp-admin/includes/nav-menu. phpMenampilkan kotak meta untuk item menu jenis posting
wp_nav_menu_item_taxonomy_meta_box() wp-admin/includes/nav-menu. phpMenampilkan kotak meta untuk item menu taksonomi
request_filesystem_credentials() wp-admin/includes/file. phpMenampilkan formulir kepada pengguna untuk meminta detail FTP/SSH mereka agar dapat terhubung ke sistem file
WP_Posts_List_Table. inline_edit() wp-admin/includes/class-wp-posts-list-table. phpMenampilkan baris tersembunyi yang ditampilkan saat pengeditan sebaris
wp_list_widget_controls() wp-admin/include/widgets. phpTampilkan widget dan pengaturannya untuk sidebar
wp_widget_control() wp-admin/includes/widgets. phpWidget meta digunakan untuk menampilkan formulir kontrol untuk widget
WP_Posts_List_Table. get_table_classes() wp-admin/includes/class-wp-posts-list-table. php options_reading_blog_charset() wp-admin/includes/options. phpRender pengaturan charset situs
Custom_Image_Header. step_1() wp-admin/includes/class-custom-image-header. phpTampilkan langkah pertama halaman gambar header khusus
Custom_Image_Header. step_2() wp-admin/includes/class-custom-image-header. phpTampilkan langkah kedua halaman gambar header khusus
Custom_Image_Header. show_header_selector() wp-admin/includes/class-custom-image-header. phpTampilan UI untuk memilih salah satu dari beberapa header default
confirm_delete_users() wp-admin/includes/ms. php list_core_update() wp-admin/update-core. phpLists available core updates
list_plugin_updates() wp-admin/update-core. phpMenampilkan formulir pemutakhiran plugin
list_theme_updates() wp-admin/update-core. phpMenampilkan formulir peningkatan tema
Latar Belakang_Khusus. wp_set_background_image() wp-admin/includes/class-custom-background. php Latar Belakang_Kustom. admin_page() wp-admin/includes/class-custom-background. phpDisplays the custom background page
_wp_menu_output() wp-admin/menu-header. phpMenampilkan menu
WP_Styles. print_inline_style() wp-includes/class-wp-styles. phpMencetak gaya CSS ekstra dari lembar gaya terdaftar
WP_Styles. do_item() wp-include/class-wp-styles. phpMemproses ketergantungan gaya
Walker_CategoryDropdown. start_el() wp-includes/class-walker-category-dropdown. phpMemulai output elemen
Walker_Category. start_el() wp-includes/class-walker-category. phpMemulai output elemen
wp_generate_tag_cloud() wp-includes/category-template. phpMenghasilkan awan tag (peta panas) dari data yang disediakan
wp_dropdown_categories() wp-includes/category-template. phpMenampilkan atau mengambil daftar dropdown kategori HTML
wp_list_categories() wp-includes/category-template. phpMenampilkan atau mengambil daftar kategori HTML
esc_attr__() wp-includes/l10n. phpMengambil terjemahan dari $text dan melepaskannya untuk penggunaan yang aman dalam sebuah atribut
esc_attr_e() wp-includes/l10n. phpMenampilkan teks terjemahan yang telah di-escape untuk penggunaan yang aman dalam sebuah atribut
esc_attr_x() wp-includes/l10n. phpMenerjemahkan string dengan konteks gettext, dan melepaskannya untuk penggunaan yang aman dalam atribut
_links_add_target() menyertakan/memformat wp. phpCallback untuk menambahkan atribut target ke semua tautan dalam konten yang diteruskan
_make_url_clickable_cb() menyertakan/memformat wp. phpCallback untuk mengonversi pencocokan URI ke elemen HTML A
_make_web_ftp_clickable_cb() menyertakan/memformat wp. phpCallback untuk mengonversi pencocokan URL ke elemen HTML A
translate_smiley() wp-includes/formatting. phpMengonversi satu kode smiley ke file grafik ikon yang setara
get_avatar() wp-includes/pluggable. phpRetrieves the avatar <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">6 tag for a user, email address, MD5 hash, comment, or post
the_search_query() wp-includes/general-template. phpMenampilkan konten variabel permintaan pencarian
paginate_links() wp-includes/general-template. phpMengambil tautan paginasi untuk mengarsipkan halaman posting
get_the_generator() wp-includes/general-template. phpMembuat generator XML atau Komentar untuk RSS, ATOM, dll
feed_links() wp-includes/general-template. phpMenampilkan link ke feed umum
feed_links_extra() wp-includes/general-template. phpMenampilkan tautan ke umpan tambahan seperti umpan kategori
get_search_query() wp-includes/general-template. phpMengambil konten dari variabel kueri pencarian WordPress
get_archives_link() wp-includes/general-template. phpMengambil konten tautan arsip berdasarkan kode standar atau kustom
get_calendar() wp-includes/general-template. phpMenampilkan kalender dengan hari-hari yang memiliki postingan sebagai link
wp_login_form() wp-includes/general-template. phpMenyediakan formulir login sederhana untuk digunakan di mana saja di dalam WordPress
get_search_form() wp-includes/general-template. phpMenampilkan form pencarian
get_boundary_post_rel_link() wp-include/usang. phpDapatkan tautan relasional pos batas
get_index_rel_link() wp-include/usang. phpDapatkan tautan relasional indeks situs
get_parent_post_rel_link() wp-include/usang. phpDapatkan tautan relasional pos induk
get_the_attachment_link() wp-include/usang. phpAmbil konten HTML dari gambar lampiran dengan tautan
get_attachment_icon() wp-include/usang. phpAmbil konten HTML dari elemen gambar lampiran ikon
get_attachment_innerHTML() wp-include/usang. phpAmbil konten HTML dari elemen gambar
attribute_escape() wp-include/usang. phpMelarikan diri untuk atribut HTML
get_links() wp-include/usang. phpMendapat tautan yang terkait dengan kategori berdasarkan ID
wp_timezone_choice() wp-includes/functions. phpMemberikan daftar string zona waktu yang diformat dengan baik
wp_nonce_field() wp-includes/functions. phpMengambil atau menampilkan bidang tersembunyi untuk formulir
wp_original_referer_field() wp-includes/functions. phpMengambil dan menampilkan bidang tersembunyi perujuk asli untuk formulir
WP_Nav_Menu_Widget. form() wp-includes/widgets/class-wp-nav-menu-widget. phpMengeluarkan formulir pengaturan untuk widget Menu Navigasi
WP_Widget_Recent_Comments. form() wp-includes/widgets/class-wp-widget-recent-comments. phpMenampilkan formulir pengaturan untuk widget Komentar Terbaru
WP_Widget_Tag_Cloud. widget() wp-includes/widgets/class-wp-widget-tag-cloud. phpMenampilkan konten untuk instance widget Tag Cloud saat ini
WP_Widget_Tag_Cloud. form() wp-includes/widgets/class-wp-widget-tag-cloud. phpMenghasilkan formulir pengaturan widget Tag Cloud
WP_Widget_RSS. widget() wp-includes/widgets/class-wp-widget-rss. phpMengeluarkan konten untuk instance widget RSS saat ini
WP_Widget_Recent_Comments. widget() wp-includes/widgets/class-wp-widget-recent-comments. phpMengeluarkan konten untuk instance widget Komentar Terbaru saat ini
WP_Widget_Recent_Posts. widget() wp-includes/widgets/class-wp-widget-recent-posts. phpMengeluarkan konten untuk instance widget Recent Posts saat ini
WP_Widget_Recent_Posts. form() wp-includes/widgets/class-wp-widget-recent-posts. phpMengeluarkan formulir pengaturan untuk widget Tulisan Terbaru
WP_Widget_Categories. form() wp-includes/widgets/class-wp-widget-categories. phpMenampilkan formulir pengaturan untuk widget Kategori
WP_Widget_Categories. widget() wp-includes/widgets/class-wp-widget-categories. phpOutputs the content for the current Categories widget instance
WP_Widget_Text. form() wp-includes/widgets/class-wp-widget-text. phpMengeluarkan formulir pengaturan widget Teks
WP_Widget_Calendar. form() wp-includes/widgets/class-wp-widget-calendar. phpMengeluarkan formulir pengaturan untuk widget Kalender
WP_Widget_Meta. widget() wp-includes/widgets/class-wp-widget-meta. phpMenampilkan konten untuk instance widget Meta saat ini
WP_Widget_Meta. form() wp-includes/widgets/class-wp-widget-meta. phpMenampilkan formulir pengaturan untuk widget Meta
WP_Widget_Archives. widget() wp-includes/widgets/class-wp-widget-archives. phpMenampilkan konten untuk instance widget Arsip saat ini
WP_Widget_Archives. form() wp-includes/widgets/class-wp-widget-archives. phpMengeluarkan formulir pengaturan untuk widget Arsip
WP_Widget_Search. form() wp-include/widgets/class-wp-widget-search. phpMenghasilkan formulir pengaturan untuk widget Pencarian
WP_Widget_Pages. widget() wp-includes/widgets/class-wp-widget-pages. phpMengeluarkan konten untuk instance widget Pages saat ini
Menghasilkan formulir pengaturan untuk widget Pages
wp_widget_rss_output() wp-includes/widgets. phpTampilkan entri RSS dalam daftar
wp_widget_rss_form() wp-include/widget. phpTampilkan formulir opsi widget RSS
get_the_taxonomies() wp-includes/taxonomy. phpMengambil semua taksonomi yang terkait dengan pos
sanitize_term_field() wp-includes/taxonomy. phpMembersihkan nilai bidang dalam istilah berdasarkan konteks
get_adjacent_post_rel_link() wp-includes/link-template. phpMengambil tautan pos relasional yang berdekatan
edit_post_link() wp-includes/link-template. phpMenampilkan tautan edit posting untuk posting
WP_Admin_Bar. _render_container() wp-includes/class-wp-admin-bar. php WP_Admin_Bar. _render_group() wp-includes/class-wp-admin-bar. php WP_Admin_Bar. _render_item() wp-includes/class-wp-admin-bar. php WP_Admin_Bar. add_node() wp-includes/class-wp-admin-bar. phpMenambahkan node ke menu
wp_get_update_data() wp-includes/update. phpMengumpulkan jumlah dan string UI untuk pembaruan yang tersedia
WP_oEmbed. data2html() wp-includes/class-wp-oembed. phpMengonversi objek data dari WP_oEmbed. fetch() dan mengembalikan HTML
wp_admin_bar_shortlink_menu() wp-includes/admin-bar. phpMenyediakan tautan pendek
get_the_category_rss() wp-includes/feed. phpMengambil semua kategori posting, diformat untuk digunakan dalam umpan
rss_enclosure() wp-includes/feed. phpMenampilkan kandang rss untuk posting saat ini
atom_enclosure() wp-includes/feed. phpMenampilkan kandang atom untuk posting saat ini
form_option() wp-includes/option. phpMencetak nilai opsi setelah membersihkan formulir
wp_dropdown_users() wp-includes/pengguna. phpMembuat konten HTML dropdown pengguna
sanitize_user_field() wp-includes/pengguna. phpMembersihkan bidang pengguna berdasarkan konteks
_walk_bookmarks() wp-includes/bookmark-template. phpOutput yang diformat dari daftar bookmark
load_template() wp-includes/template. phpMembutuhkan file template dengan lingkungan WordPress
Walker_Nav_Menu. start_el() wp-includes/class-walker-nav-menu. phpMemulai output elemen
Walker_Nav_Menu. start_lvl() wp-includes/class-walker-nav-menu. phpMulai daftar sebelum elemen ditambahkan
Walker_PageDropdown. start_el() wp-includes/class-walker-page-dropdown. phpMemulai output elemen
wp_nav_menu() wp-includes/nav-menu-template. phpMenampilkan menu navigasi
Walker_Page. start_el() wp-includes/class-walker-page. phpMenghasilkan awal elemen saat ini di pohon
wp_link_pages() wp-includes/post-template. phpOutput yang diformat dari daftar halaman
wp_dropdown_pages() wp-includes/post-template. phpMengambil atau menampilkan daftar halaman sebagai dropdown (pilih daftar)
wp_page_menu() wp-includes/post-template. phpMenampilkan atau mengambil daftar halaman dengan tautan beranda opsional
post_class() wp-includes/post-template. phpMenampilkan kelas untuk elemen wadah pos
body_class() wp-includes/post-template. phpMenampilkan nama class untuk elemen body
the_title_attribute() wp-includes/post-template. phpMembersihkan judul saat ini saat mengambil atau menampilkan
wp_video_shortcode() wp-includes/media. phpMembuat keluaran kode pendek Video
wp_playlist_shortcode() wp-includes/media. phpMembuat keluaran kode pendek Daftar Putar
wp_audio_shortcode() wp-includes/media. phpMembuat keluaran kode pendek Audio
get_image_tag() wp-includes/media. phpMendapat tag img untuk lampiran gambar, menurunkannya jika diminta
img_caption_shortcode() wp-includes/media. phpMembuat output shortcode Caption
sanitize_post_field() wp-includes/posting. phpMembersihkan bidang pos berdasarkan konteks
WP_Tulis ulang. iis7_url_rewrite_rules() wp-includes/class-wp-rewrite. phpRetrieves IIS7 URL Rewrite formatted rewrite rules to write to web. config file
sanitize_bookmark_field() wp-includes/bookmark. phpSanitizes a bookmark field
WP_Scripts. print_extra_script() wp-includes/class-wp-scripts. phpPrints extra scripts of a registered script
WP_Scripts. do_item() wp-includes/class-wp-scripts. phpProcesses a script dependency
get_the_author_link() wp-includes/author-template. phpRetrieves either author’s link or author’s name
wp_list_authors() wp-includes/author-template. phpLists all the authors of the site, with several options available
wp_rss() wp-includes/rss. phpDisplay all RSS items in a HTML ordered list
WP_Widget_Area_Customize_Control. render_content() wp-includes/customize/class-wp-widget-area-customize-control. phpRenders the control’s content
WP_Customize_Control. render() wp-includes/class-wp-customize-control. phpRenders the control wrapper and calls $this->render_content() for the internals
WP_Customize_Control. get_link() wp-includes/class-wp-customize-control. phpGet the data link attribute for a setting
WP_Customize_Control. render_content() wp-includes/class-wp-customize-control. phpRender the control’s content
comment_form() wp-includes/comment-template. phpOutputs a complete commenting form for use within a template
comments_popup_link() wp-includes/comment-template. phpDisplays the link to the comments for the current post ID
get_comment_reply_link() wp-includes/comment-template. phpRetrieves HTML content for reply to comment link
WP_Customize_Widgets. output_widget_control_templates() wp-includes/class-wp-customize-widgets. phpRenders the widget form control templates into the DOM
sanitize_comment_cookies() wp-includes/komentar. phpSanitizes the cookies sent to the user already
_WP_Editors. editor() wp-includes/class-wp-editor. phpOutputs the HTML for a single instance of the editor
wp_print_media_templates() wp-includes/media-template. phpPrints the templates used in the media manager
You must log in to vote on the helpfulness of this noteVote results for this note. 14You must log in to vote on the helpfulness of this note
Contributed by J. D. Grimes —
When escaping the values of attributes that accept URIs (like <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">7 and <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">8), it is important to pass the value through <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">9. If you only use <input type="text" value="<?php echo esc_attr($value);?>">0, the code may still be vulnerable to XSS. (Note also, that when using <?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">9, you don’t need to also use <input type="text" value="<?php echo esc_attr($value);?>">0. )
<!-- This is correct: --> <img src="<?php echo esc_url( $src ); ?>" /> <!-- This is OK, but the esc_attr() is unnecessary: --> <img src="<?php echo esc_attr( esc_url( $src ) ); ?>" /> <!-- This is *not* correct: --> <img src="<?php echo esc_attr( $src ); ?>" />More info
- html5sec. org examples of XSS using javascript. URIs
You must log in to vote on the helpfulness of this noteVote results for this note. 5You must log in to vote on the helpfulness of this note
Contributed by Codex —
Example of escaping <input type="text" value="<?php echo esc_attr($value);?>">3 data on output
<?php $fname = ( isset( $_POST['fname'] ) ) ? $_POST['fname'] : ''; ?> <input type="text" name="fname" value="<?php echo esc_attr( $fname ); ?>">Log in to add feedbackYou must log in to vote on the helpfulness of this noteVote results for this note. 5You must log in to vote on the helpfulness of this note
Contributed by Michael Nelson —
I’m not sure if <input type="text" value="<?php echo esc_attr($value);?>">0 is what you should use if you’re echoing out the value for a form input that is allowed to contain HTML entities because they get lost. yaitu, Anda dapat memulai dengan string yang berisi entitas HTML (misalnya <input type="text" value="<?php echo esc_attr($value);?>">5), dan menemukannya menghilang (berubah menjadi <input type="text" value="<?php echo esc_attr($value);?>">5)
Paling mudah dijelaskan dengan sebuah contoh
1. Anda memiliki nilai dalam database yaitu <input type="text" value="<?php echo esc_attr($value);?>">7
2. Anda menampilkan nilai itu di halaman di dalam nilai masukan formulir dengan kode seperti ini
<input type="text" value="<?php echo esc_attr($value);?>">Itu akan menghasilkan HTML seperti
<input value="Want to do a "br" tag? Do this: <br>">3. Ketika itu ditampilkan oleh browser, itu akan DECODE entitas HTML, menampilkan pengguna <input type="text" value="<?php echo esc_attr($value);?>">8
4. Saat formulir itu dikirimkan kembali ke server, browser akan mengirimkan nilai USER SAW, yaitu <input type="text" value="<?php echo esc_attr($value);?>">8<input value="Want to do a "br" tag? Do this: <br>">0<input type="text" value="<?php echo esc_attr($value);?>">8Perhatikan kami kehilangan entitas HTML? . Aduh
Untuk memperbaikinya, ________14<!-- This is correct: --> <img src="<?php echo esc_url( $src ); ?>" /> <!-- This is OK, but the esc_attr() is unnecessary: --> <img src="<?php echo esc_attr( esc_url( $src ) ); ?>" /> <!-- This is *not* correct: --> <img src="<?php echo esc_attr( $src ); ?>" />_25_______5
<input value="Want to do a "br" tag? Do this: &lt;br&gt;">Notice the <input value="Want to do a "br" tag? Do this: <br>">6<input value="Want to do a "br" tag? Do this: <br>">7<input value="Want to do a "br" tag? Do this: <br>">8<input value="Want to do a "br" tag? Do this: <br>">9
So what function should you use for inputs that are allowed to have HTML entities? <input value="Want to do a "br" tag? Do this: &lt;br&gt;">0<input value="Want to do a "br" tag? Do this: &lt;br&gt;">1
Here's a code snippet showing the difference
<?php $string_with_html_entities = 'Want to do a "br" tag? Do this: <br>'; ?> esc_attr: <input value="<?php echo esc_attr($string_with_html_entities);?>"> esc_textarea: <input value="<?php echo esc_textarea($string_with_html_entities);?>">Which produces the following HTML
esc_attr: <input value="Want to do a "br" tag? Do this: <br>"> esc_textarea: <input value="Want to do a "br" tag? Do this: &lt;br&gt;">Try it and you'll see the second is actually what you want, if you want to allow HTML entities in the value
Log in to add feedbackYou must log in to vote on the helpfulness of this noteVote results for this note. 3You must log in to vote on the helpfulness of this note
Contributed by J. D. Grimes —
It is important to always use quotes around your attribute’s value when it is being escaped with <input type="text" value="<?php echo esc_attr($value);?>">0. Otherwise, your code will still be vulnerable to XSS
How to escape HTML in PHP?
PHP Escaping From HTML .Definition and Usage. PHP file can have mixed content with code within tags embedded in a HTML document. .Syntax.HTML block
LIHAT SEMUA