Encode with esc_attr()
, example from the Codex:
echo '<input type="text" name="fname" value="' . esc_attr( $_POST['fname'] ) . '">';
質問
I have some custom meta boxes on WordPress, storing some information such as page titles and descriptions, but I am having a bit of a problem which I can't wrap my head around.
The meta input boxes need to be able to accept " and ' (Speech marks and apostrophes), and WordPress is storing the data fine, and I can display it fine on the front end, but when it is echo'd back into the <input>
box, it messes up because its trying to print something like this:
E.g: <input value="Hello we're called "example" and we suck" />
So no matter how I go about it, it's being printed in the page edit screen (once I save) like this:
or something to a similar effect. Because I need the use of both characters, I can't use either of them to wrap the attributes in as an easy fix.
I'm just having a bit of a brainfart but really can't figure out the logic behind a solution to solve this, because if I escape the characters, they will just get shown to the end user as Hello we're called "example" and we suck
which will confuse them even more.
解決
Encode with esc_attr()
, example from the Codex:
echo '<input type="text" name="fname" value="' . esc_attr( $_POST['fname'] ) . '">';