Just finished now the sanitize callback for RGBA colors.and tested in my theme and working perfect, and its taking RGBA values
please find the code
function awstheme_sanitize_rgba( $color ) {
if ( empty( $color ) || is_array( $color ) )
return 'rgba(0,0,0,0)';
// If string does not start with 'rgba', then treat as hex
// sanitize the hex color and finally convert hex to rgba
if ( false === strpos( $color, 'rgba' ) ) {
return sanitize_hex_color( $color );
}
// By now we know the string is formatted as an rgba color so we need to further sanitize it.
$color = str_replace( ' ', '', $color );
sscanf( $color, 'rgba(%d,%d,%d,%f)', $red, $green, $blue, $alpha );
return 'rgba('.$red.','.$green.','.$blue.','.$alpha.')';}
Related Posts:
- Escaping and sanitizing SVGs in metabox textarea
- Must I serialize/sanitize/escape array data before using set_transient?
- How to use wp_filter_oembed_result?
- Escaping data from database (users table) is necessary?
- Should I sanitize an email address before passing it to the is_email() function?
- Should HTML output be passed through esc_html() AND wp_kses()?
- Sanitize and data validation with apply_filters() function
- What is the difference between wp_strip_all_tags and wp_filter_nohtml_kses?
- What’s the difference between esc_* functions?
- Reason for Lowercase usernames
- What is the best way to sanitize data?
- How to escape custom css?
- Escaping WP_Query tax_query when term has special character(s)
- Should nonce be sanitized?
- esc_url removes white space. Can I change that to using ‘-‘?
- WP Coding standards – escaping the inescapable?
- Sanitatizing when using the posts_where hook
- why is esc_html() returning nothing given a string containing a high-bit character?
- Sanitizing comments or escaping comment_text()
- Sanitizing, Validating and Escaping in WordPress (Plugin)
- How Could I sanitize the receive data from this code
- Echo JavaScript Safely
- How to sanitize user input?
- Which escape function to use when escaping an email or plain text?
- WP_Editor – Saving Value into Plugin Option – Stripping HTML
- wp_kses ignore allowed and allow everything
- Sanitize array callback for the WordPress Settings API
- What is the safe way to print tracking code / pixel code before tag or tag
- How to escape $_GET and check if isset?
- How to escape html generate by a loop
- What’s a safe / good way to output HTML safely within WordPress templates?
- Do Not Understand → Rule No. 4: Making Data Safe Is About Context [closed]
- Sanitizing output that contains quotes?
- Do we need to escape data that we receive from theme options?
- WP_Customize_Manager: How to get control ID
- Escaping WP_Query tax_query when term has special character(s)
- Escaping and sanitization
- Escaping WP_Query tax_query when term has special character(s)
- Sanitization html output itself
- Post text sanitization after publishing/editing – changes are not saved
- wp_set_object_terms() without accents
- esc_url, esc_url_raw or sanitize_url?
- Properly sanitize an input field “Name “
- how to sanitizing $_POST with the correct way?
- Sanitize a custom date meta field
- What is the proper way to sanitize $_POST and $_GET vars?
- Why is sanitize_text_field() selectively trimming data?
- How to Git stash pop specific stash in 1.8.3?
- What are all the escape characters?
- Uses for the ‘"’ entity in HTML
- How can I add ” character to a multi line string declaration in C#?
- What characters do I need to escape in XML documents?
- Illegal Escape Character “\”
- Escape quotes in JavaScript
- Which characters need to be escaped when using Bash?
- Escape string Python for MySQL
- What characters must be escaped in HTML 5?
- what is a good method to sanitize the whole $_POST array in php?
- How can I selectively escape percent (%) in Python strings?
- How do I escape a single quote in jQuery?
- How is \\n and \\\n interpreted by the expanded regular expression?
- Escape Character in SQL Server
- Why shouldn’t `'` be used to escape single quotes?
- What does it mean to escape a string?
- How to escape apostrophe (‘) in MySql?
- Invalid escape sequence (valid ones are \b \t \n \f \r \” \’ \\ )
- Escaping HTML strings with jQuery
- What’s the Use of ‘\r’ escape sequence?
- How do I use spaces in the Command Prompt?
- How do I escape ampersands in XML so they are rendered as entities in HTML?
- Unrecognized escape sequence for path string containing backslashes
- With “magic quotes” disabled, why does PHP/WordPress continue to auto-escape my POST data?
- Is sanitize_title enough to generate post slugs?
- What’s the difference between esc_html, esc_attr, esc_html_e, and so on?
- Should I escape wordpress functions like the_title, the_excerpt, the_content
- In Which Contexts are Plugins Responsible for Data Validation/Sanitization?
- wordpress sanitize array?
- Data sanitization: Best Practices with code examples
- How safe / sanitized is wp_insert_posts()?
- Best Practice for PHP
- When to use esc_html and when to use sanitize_text_field?
- From a security standpoint, should bloginfo() or get_bloginfo() be escaped?
- How to prevent escaping when saving HTML code in an option value?
- How to safely sanitize a textarea which takes full HTML input
- What is the difference between esc_html filter vs attribute_escape filter?
- Difference between esc_url() and esc_url_raw()
- How to print translation supported text with HTML URL
- Custom page with variables in url. Nice url with add_rewrite_rule
- Which WP functions do you need to use esc_html() or esc_url() on?
- Sanitize content from wp_editor
- How to properly validate data from $_GET or $_REQUEST using WordPress functions?
- What to use instead of wp_kses() in user output
- is_email() VS sanitize_email()
- Sanitizing integer input for update_post_meta
- Sanitize User Entered CSS
- Which KSES should be used and when?
- How to correctly escape query variables to be used in WP_Query
- Is sanitize_text_field() is enough to save to DB?
- How do translated, escaped strings (esc_attr) in Themes work?
- Settings API – sanitizing urls, email addresses and text