Just finished now the sanitize callback for RGBA colors.and tested in my theme and working perfect, and its taking RGBA values
please find the code
function awstheme_sanitize_rgba( $color ) {
if ( empty( $color ) || is_array( $color ) )
return 'rgba(0,0,0,0)';
// If string does not start with 'rgba', then treat as hex
// sanitize the hex color and finally convert hex to rgba
if ( false === strpos( $color, 'rgba' ) ) {
return sanitize_hex_color( $color );
}
// By now we know the string is formatted as an rgba color so we need to further sanitize it.
$color = str_replace( ' ', '', $color );
sscanf( $color, 'rgba(%d,%d,%d,%f)', $red, $green, $blue, $alpha );
return 'rgba('.$red.','.$green.','.$blue.','.$alpha.')';}
Related Posts:
- Escaping and sanitizing SVGs in metabox textarea
- Must I serialize/sanitize/escape array data before using set_transient?
- How to use wp_filter_oembed_result?
- Escaping data from database (users table) is necessary?
- Should I sanitize an email address before passing it to the is_email() function?
- Should HTML output be passed through esc_html() AND wp_kses()?
- Sanitize and data validation with apply_filters() function
- What is the difference between wp_strip_all_tags and wp_filter_nohtml_kses?
- What’s the difference between esc_* functions?
- Reason for Lowercase usernames
- What is the best way to sanitize data?
- How to escape custom css?
- Escaping WP_Query tax_query when term has special character(s)
- Should nonce be sanitized?
- esc_url removes white space. Can I change that to using ‘-‘?
- WP Coding standards – escaping the inescapable?
- Sanitatizing when using the posts_where hook
- why is esc_html() returning nothing given a string containing a high-bit character?
- Sanitizing comments or escaping comment_text()
- Sanitizing, Validating and Escaping in WordPress (Plugin)
- How Could I sanitize the receive data from this code
- Echo JavaScript Safely
- How to sanitize user input?
- Which escape function to use when escaping an email or plain text?
- WP_Editor – Saving Value into Plugin Option – Stripping HTML
- wp_kses ignore allowed and allow everything
- Sanitize array callback for the WordPress Settings API
- What is the safe way to print tracking code / pixel code before tag or tag
- How to escape $_GET and check if isset?
- How to escape html generate by a loop
- What’s a safe / good way to output HTML safely within WordPress templates?
- Do Not Understand → Rule No. 4: Making Data Safe Is About Context [closed]
- Sanitizing output that contains quotes?
- Do we need to escape data that we receive from theme options?
- WP_Customize_Manager: How to get control ID
- Escaping WP_Query tax_query when term has special character(s)
- Escaping and sanitization
- Escaping WP_Query tax_query when term has special character(s)
- Sanitization html output itself
- Post text sanitization after publishing/editing – changes are not saved
- wp_set_object_terms() without accents
- esc_url, esc_url_raw or sanitize_url?
- Properly sanitize an input field “Name “
- how to sanitizing $_POST with the correct way?
- What characters do I need to escape in XML documents?
- How can I selectively escape percent (%) in Python strings?
- How do I use spaces in the Command Prompt?
- With “magic quotes” disabled, why does PHP/WordPress continue to auto-escape my POST data?
- How safe / sanitized is wp_insert_posts()?
- From a security standpoint, should bloginfo() or get_bloginfo() be escaped?
- Sanitizing integer input for update_post_meta
- Escaping quotes from shortcode attributes
- Do Cookies Need to be Sanatized Before Being Saved?
- Do you need to escape hard coded plain text?
- What is the difference between strip_tags and wp_filter_nohtml_kses?
- When outputting a static string to the page, is it necessary to escape the output?
- I’m confused about URL sanitization in meta boxes
- Coding a plugin on WordPress; when should I sanitize? [duplicate]
- where to apply “apply filters” and other Sanitization Functions
- Is default functions like update_post_meta safe to use user inputs?
- How do I escape a table name or column name in SQL? esc_sql doesn’t do this
- Should you escape hardcoded URLs?
- How to sanitize my cookie name
- Do We Need to Validate, Sanitize, or Filter Simple Numerical Superglobals (Cookies and Post)?
- Is Wrapping intval() Around esc_attr() Redundant for Escaping Input?
- WordPress Settings API – Sanitize Integer
- How to get my post title to work with an apostrophe (‘s)?
- Is it sensible to worry about sanitizing admin input in plugin custom CSS?
- How to use sanitize_callback?
- Are all hooks/functions tied to Kses meant for sanitization?
- sanitize_text_field and apostrophe problem
- esc_js() breaks unicode sequences by removing the slash ‘\’ character
- Getting error to display radio button value in General Settings page
- Escaping date string in url with wordpress
- WordPress messes up with data attributes in shortcode output
- textarea field is getting escaped for some unknown reason
- Allow HTML in Settings API input field
- Why would you use esc_attr() on internal functions?
- Input sanitation
- How to use checked() function with multiple check box group? How to properly sanitize that checkbox group?
- Should I escape the html for the settings field created with add_settings_field?
- escape html in jQuery for WordPress
- echo cutom css code to WordPress page template file ? is this safe?
- file_get_contents | escaping doesnt show the page
- Trouble matching strings (titles) using wp_query
- Sanitize WordPress Array Input?
- How to save Checkbox-Options in Plugin Options Page
- Remove pre and code tags from WordPress
- Customizer textarea with script tag won’t work in live preview
- Correct form of escaping and localization – functions.php breadcrumbs
- Escaping a Single Quote in str_replace for Nav Function
- wp_kses allow checkbox class and checked
- Array/List Edit in Backend
- Escaping html for meta description
- Comparing pre-saved post_title to post-saved post_title
- How to display post meta data in secure manner
- Settings api sanatize callback not being triggered
- Sanitizing a custom query’s clauses
- How can I properly sanitize the update_option in WordPress?
- Escaping get_option( ‘time_format’ ) is nesserary?