What is the difference between sanitize_text_field() and wp_filter_nohtml_kses()?


I need to sanitize some custom settings added with the Customize API, namely some simple text fields.

Other data types have some dedicated functions, i.e. email addresses should use sanitize_email(), URLs have esc_url_raw() and so on.

But with simple text fields, I’m not really sure if I must use sanitize_text_field() or wp_filter_nohtml_kses(). Even after reading their descriptions in the Code Reference, they seem to be very similar and I don’t really know how to choose one of them.

Intuitively, I would go with sanitize_text_field(), but some online guides (this and this) seem to suggest that wp_filter_nohtml_kses() is what should be used instead.

What are the exact differences between these two functions, and how can I choose one of them in this situation?

Sekhemty 3 months 0 Answers 14 views 0
