Describes how to filter attributes and use SQL statements in WordPress development.

: This article describes the filter attributes and SQL statement functions used in WordPress development. For more information about PHP tutorials, see. Esc_attr () (filter attribute)
Generally, the tag attribute of Html code is written in the following format:

What if the value attribute is dynamically output?

However, if the dynamic output attribute contains special characters such as double quotation marks and angle brackets, the Html code will be disrupted. in this case, you can use the esc_attr () function to escape the output attribute.

Usage

esc_attr( $text );

Parameters

$ Text (string) (required) the string to be escaped. Default value: None

Return value

Returns the escaped string.

Example

Others

This function is located in: wp-includes/formatting. php

Esc_ SQL () (filter SQL statements)
Esc_ SQL () is used to filter the strings to be added to SQL statements to prevent SQL injection and exceptions caused by data interference.

Usage

esc_sql( $data );

Parameters

$ Data

(String) (required) the string to be filtered.

Default value: None

Return value

(String) the filtered string can be directly added to the SQL statement.

Example

$name = esc_sql( $name );$status = esc_sql( $status );$wpdb->get_var( "SELECT something FROM table WHERE foo = '$name' and status = '$status'" );

More

This function is located in: wp-includes/formatting. php

The above describes how to filter attributes in WordPress development and how to use SQL statements functions, including related content, and hope to help friends who are interested in PHP tutorials.