Extend file format support for post thumbnails
Extend file format support for post thumbnails
sanitization
how to sanitizing $_POST with the correct way?
Instead of looping through the array, use this: map_deep( $form_data, ‘sanitize_text_field’ ); (see the User Notes in the function doc: https://developer.wordpress.org/reference/functions/sanitize_text_field/ ) The docs state that Checks for invalid UTF-8, Converts single < characters to entities Strips all tags Removes line breaks, tabs, and extra whitespace Strips percent-encoded characters So you could also use the … Read more
Properly sanitize an input field “Name “
You could do something like this: $input=”Name <[email protected]>”; // Break the input into parts preg_match( ‘/([^<]+)<([^>]+)>/i’, $input, $matches, PREG_UNMATCHED_AS_NULL ); // Clean the name $name = sanitize_text_field( $matches[ 1 ] ); // Clean the email $email = sanitize_email( $matches[ 2 ] ); // Bail early if the values are invalid. if ( !$name || !$email … Read more
esc_url, esc_url_raw or sanitize_url?
This might be a more useful demonstration: <a href=”<?php echo esc_url( $url ); ?>>I’m printing a URL to the frontend</a> $url = sanitize_url( $_GET[‘user_inputted_data’] ); update_post_meta( $post_id, ‘that_url’, $url ); esc_url is an escaping function, sanitize_url is a sanitising function. Sanitising functions clean incoming data, e.g. removing letters from phone numbers, stripping trailing space etc. … Read more
How to return responsive images from a sanitize_callback?
How to return responsive images from a sanitize_callback?
Escaping data from database (users table) is necessary?
Escaping data from database (users table) is necessary?
Sanitize and Save metabox values
Sanitize and Save metabox values
How can I properly sanitize the update_option in WordPress?
You can use sanitize the data with sanitize functions in reference below. https://developer.wordpress.org/plugins/security/securing-input/
oneOf two possible objects in WP REST API?
Aight got it, the crucial missing thing was that you have to provide this part here: ‘type’ => ‘object’ twice; once when declaring the variable’s type, and once again when defining the possibilities. Otherwise, validation fails; so a proper example would be: ‘args’ => [ ‘data’ => [ ‘type’ => ‘object’, ‘oneOf’ => [ [ … Read more
wp_set_object_terms() without accents
Just thought I’d point out, your call to remove_accent() is incorrect, you are missing the s off of accents. Example from codex: $text = “Hoy será un gran día”; echo remove_accents($text); Echo result: Hoy sera un gran dia https://codex.wordpress.org/Function_Reference/remove_accents