3v4l.org

run code in 300+ PHP versions simultaneously
<?php function sanitize_html_class( $class, $fallback = '' ) { //Strip out any % encoded octets $sanitized = preg_replace( '|%[a-fA-F0-9][a-fA-F0-9]|', '', $class ); //Limit to A-Z,a-z,0-9,_,- $sanitized = preg_replace( '/[^A-Za-z0-9_-]/', '', $sanitized ); if ( '' == $sanitized ) $sanitized = $fallback; /** * Filter a sanitized HTML class string. * * @since 2.8.0 * * @param string $sanitized The sanitized HTML class. * @param string $class HTML class before sanitization. * @param string $fallback The fallback string. */ // N/A // return apply_filters( 'sanitize_html_class', $sanitized, $class, $fallback ); return $sanitized; } $class_name = '300"; onload="/* some JavaScript */'; var_dump( '<div class="' . sanitize_html_class( $class_name ) . '"></div>' ); var_dump( '<div class="' . $class_name . '"></div>' );
Output for 7.4.0 - 7.4.33, 8.0.1 - 8.0.30, 8.1.0 - 8.1.33, 8.2.0 - 8.2.29, 8.3.0 - 8.3.28, 8.4.1 - 8.4.14, 8.5.0
string(43) "<div class="300onloadsomeJavaScript"></div>" string(55) "<div class="300"; onload="/* some JavaScript */"></div>"
Output for 8.4.15
/bin/php-8.4.15: /usr/lib/libm.so.6: version `GLIBC_2.38' not found (required by /bin/php-8.4.15) /bin/php-8.4.15: /usr/lib/libm.so.6: version `GLIBC_2.35' not found (required by /bin/php-8.4.15) /bin/php-8.4.15: /usr/lib/libc.so.6: version `GLIBC_2.34' not found (required by /bin/php-8.4.15) /bin/php-8.4.15: /usr/lib/libc.so.6: version `GLIBC_2.38' not found (required by /bin/php-8.4.15)
Process exited with code 1.
preferences:
133.31 ms | 407 KiB | 5 Q