esc_url() (Filter link)
Many URLs have minor errors. The esc_url() function can block or correct these errors, and can reject unsafe protocols.
The working content of the esc_url() function:
The default rejection is not the URL of the following protocol: defaulting to http, https, ftp, ftps, mailto, news, irc, gopher, nntp, feed and telnet
Remove invalid and dangerous characters
Convert characters to HTML entity characters
How to use
esc_url( $url, $protocols, $_context );
parameter
$url
(String) (must) URL to be filtered.
Default value: None
$protocols
(Array) (Optional) Can receive arrays of protocols. If not set, the default is: defaulting to http, https, ftp, ftps, mailto, news, irc, gopher, nntp, feed, and telnet.
Default value: None
$_context
(String) (optional) How to return URL.
Default value: (string) display
Return value
(String) Returns the filtered link.
example
<?php echo esc_url( '' );//Output: ?>
More
This function is located at: wp-includes/
esc_sql() (filtering Sql statements)
esc_sql() is used to filter strings prepared to be added to the Sql statement to prevent Sql injection and Sql statement from being interfered with by data.
usage
esc_sql( $data );
parameter
$data
(String) (must) string to filter.
Default value: None
Return value
(String) Returns the filtered string and can be directly added to the Sql statement.
example
$name = esc_sql( $name ); $status = esc_sql( $status ); $wpdb->get_var( "SELECT something FROM table WHERE foo = '$name' and status = '$status'" );
More
This function is located at: wp-includes/