: This article describes the filter attributes and SQL statement functions used in WordPress development. For more information about PHP tutorials, see. Esc_attr () (filter attribute)
Generally, the tag attribute of Html code is written in the following format:
What if the value attribute is dynamically output?
However, if the dynamic output attribute contains special characters such as double quotation marks and angle brackets, the Html code will be disrupted. in this case, you can use the esc_attr () function to escape the output attribute.
Usage
esc_attr( $text );
Parameters
$ Text (string) (required) the string to be escaped. Default value: None
Return value
Returns the escaped string.
Example
Others
This function is located in: wp-includes/formatting. php
Esc_ SQL () (filter SQL statements)
Esc_ SQL () is used to filter the strings to be added to SQL statements to prevent SQL injection and exceptions caused by data interference.
Usage
esc_sql( $data );
Parameters
$ Data
(String) (required) the string to be filtered.
Default value: None
Return value
(String) the filtered string can be directly added to the SQL statement.
Example
$name = esc_sql( $name );$status = esc_sql( $status );$wpdb->get_var( "SELECT something FROM table WHERE foo = '$name' and status = '$status'" );
More
This function is located in: wp-includes/formatting. php
The above describes how to filter attributes in WordPress development and how to use SQL statements functions, including related content, and hope to help friends who are interested in PHP tutorials.