esc()
Escape context specific output
esc(string $string, string $context = 'html', bool $strict = false): stringParameters
| Name | Type | Default | Description |
|---|---|---|---|
$string |
string |
– | Untrusted data |
$context |
string |
'html' |
Location of output |
$strict |
bool |
false |
Whether to escape an extended set of characters (HTML attributes only) |
Return type
string
Example
<?= esc('untrusted data') ?>