WordPress Security Standards want me to escape my html, but how to do it correctly?

phpwordpresselementorcodesniffer


PHP Snippet 1:

$output = "<HTML>
    <form>
        <div>
            <label>$i_am</label>
            <input type='text' name='i_am' value='' />
        </div>
        <div>
            <label>$and_i_am_looking_for</label>
            <input type='text' name='and_i_am_looking_for' value='' />
        </div>
    </form>
</HTML>";

PHP Snippet 2:

echo wp_kses(
    $output,
    array(
        'form'  => array(),
        'div'   => array(),
        'label' => array(),
        'input' => array(
            'type',
            'name',
            'value',
        ),
    )
);

Related Snippets

How to redirect to another page and call a Function there on Angular ng-click

Laravel update hasMany relationship using saveMany

array_key_exists(): The first argument should be either a string or an integer

Alert message after submitting form in PHP

How can i hide dt if dd got empty value

How can I make Laravel return a custom error for a JSON REST API

Display a success custom notice after Placing an Order in WooCommerce

Cache clear probem in Larave

WAMP/Wordpress - cURL error 28: Operation timed out after 10001 milliseconds with 0 bytes received

carbon generated datetime not stored correctly into the database

How to remove index.php and index from the URL using htaccess | PHP

Debugging Stripe Webhook Event

I want to display default profile image if user do not have profile image

Display a product custom field only in WooCommerce Admin single orders

PHP 8 - libxml_disable_entity_loader() has been deprecated. How do I replace the functionality it provides?