A WordPress-centric search engine for devs and theme authors



esc_js ›

Since2.8.0
Deprecatedn/a
esc_js ( $text )
Parameters:
  • (string) $text The text to be escaped.
    Required: Yes
Returns:
  • (string) Escaped text.
Defined at:
Codex:

Escape single quotes, htmlspecialchar " < > &, and fix line endings.

Escapes text strings for echoing in JS. It is intended to be used for inline JS (in a tag attribute, for example onclick="..."). Note that the strings have to be in single quotes. The {@see 'js_escape'} filter is also applied here.



Related Functions: esc_sql, esc_url, esc_html, esc_attr, fetch_rss

Source

function esc_js( $text ) {
	$safe_text = wp_check_invalid_utf8( $text );
	$safe_text = _wp_specialchars( $safe_text, ENT_COMPAT );
	$safe_text = preg_replace( '/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes( $safe_text ) );
	$safe_text = str_replace( "\r", '', $safe_text );
	$safe_text = str_replace( "\n", '\\n', addslashes( $safe_text ) );
	/**
	 * Filters a string cleaned and escaped for output in JavaScript.
	 *
	 * Text passed to esc_js() is stripped of invalid or special characters,
	 * and properly slashed for output.
	 *
	 * @since 2.0.6
	 *
	 * @param string $safe_text The text after it has been escaped.
	 * @param string $text      The text prior to being escaped.
	 */
	return apply_filters( 'js_escape', $safe_text, $text );
}