I understand that sanitising user input is important and i want to make sure bad stuff is removed but i also want to be able to have users add html to a custom field.
The wordpress sanitise text field function does a great job but i want to tell it to keep html.
Is there another function i can use that will allow me to do that?
Stackoverflow won't let me post a short question so it seems i need to pad it out. Sorry about this.
I've tried looking up the function in the wordpress codex to see if there are parameters that i can switch in order for it to allow html. I've taken out the sanitise function to see if that works and of course it does.
wp_kses() will do what you need. You need to tell it what tags to allow. Alternatively use wp_kses_post() which allows anything you can add to a post. This one may not be strict enough for user input though so I'd suggest going with the first.
echo wp_kses( $text, array(
'a' => array(
'href' => array(),
'title' => array()
),
'br' => array(),
'em' => array(),
'strong' => array(),
) );
http://codex.wordpress.org/Function_Reference/wp_kses http://codex.wordpress.org/Function_Reference/wp_kses_post