esc()
Escape context specific output
esc(string $string, string $context = 'html', bool $strict = false): string
Parameters
Name | Type | Default | Description |
---|---|---|---|
$string |
string |
– | Untrusted data |
$context |
string |
'html' |
Location of output |
$strict |
bool |
false |
Whether to escape an extended set of characters (HTML attributes only) |
Return type
string
Example
<?= esc('untrusted data') ?>