Try Like below function fhaac_subject_box_callback( $post ){ wp_nonce_field( basename(__FILE__ ), ‘fhacc_subject_nounce’); $fhaac_stored_subject_meta = get_post_meta( ‘$post->ID’ ); $fhaac_subject_name = get_post_meta($post->ID, ‘my_data_subjectName’, true); ?> <div>Subject name: <input type=”text” name=”fhaac_subject_name” id=”fhaac_ subject_name” value=”<?= $fhaac_subject_name; ?>”/></div>
Form Sanitization and Validation
You don’t need the input_attrs, you need choices. This is what I do: function mytheme_sanitize_choice( $input, $setting ) { $control = $setting->manager->get_control( $setting->id ); $valid = $control->choices; return array_key_exists( $input, $valid ) ? $input : $setting->default; }
wpdb->query() is just running the query. It doesn’t do anything special. And strip_invalid_text_from_query() based on the inline documentation is just stripping invalid characters in the query. And, for your information, something like line-breaks doesn’t break the database. The database can accept any string data. You just have to make sure it correctly escaped when the … Read more
Of course you do have to sanitize it and escape it. Otherwise any author/editor of the site will be able to perform any query on your database. First of all you should never create SQL queries like you do in your code. Never concatenate the raw SQL with anything that is variable or comes from … Read more
Data Validation & Sanitization for Big HTML Blocks
Customizer textarea with script tag won’t work in live preview
How to use wp_filter_oembed_result?
I don´t know if checkboxes need sanitze or validate… Yes, you should sanitize. Otherwise, malicious users or codes could modify values into your database. Take a look into sanitize_option documentation. Validation is up to you. If options must be checked for some reason (e.g.: at least 2 options checked), you should validate it and provide … Read more
I’m not completely sure what you mean to do, but are you looking for sanitize_text_field? $array = array_map( ‘sanitize_text_field’, $array );