esc()
Escape context specific output
esc(string $string, string $context = 'html', bool $strict = false): stringParameters
| Name | Type | Default | Description |
|---|---|---|---|
| $string * | string |
– | Untrusted data |
| $context | string |
'html' |
Location of output |
| $strict | bool |
false |
Whether to escape an extended set of characters (HTML attributes only) |
Return type
string
Example
<?= esc('untrusted data') ?>