Escape HTML on WP input

The default text widget – WP_Widget_Text – can be found in wp-includes/default-widgets.php. The input is handled like this:

  • stripslashes( wp_filter_post_kses( addslashes( $text ) ) ); for the text;

I assume this should work likewise for your custom widget. Additionally there is:

  • wpautop( $text ) on the output, if the filter is set to do that;

But optimally you’re taking a look at the source yourself.

Additionally the codex articles:

give you an good overview about sanitizing, escaping and validating possibilities with WP.

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)