What is the exact difference between esc_html
and wp_filter_nohtml_kses
. Everywhere I look says that both strip all the html, the only difference I can see is to do with exactly how they do this. Does esc_html
encode the tags and does wp_filter_nohtml_kses
strip them altogether?
Leave a Reply
You must be logged in to post a comment.
Contrary to what you have been looking at,
esc_html
does not strip all the HTML, it escapes it, meaning it encodes it into safe HTML entities that do not break HTML tags.wp_filter_nohtml_kses
strips all the HTML.When in doubt always consult the source code. It is accessible online.
esc_attr
is short and sweet, uses_wp_specialchars
, defined in wp-includes/formatting.phpwp_filter_nohtml_kses
is defined in wp-includes/kses.php, and “Strips all of the HTML in the content.“