Please see this Codex article for further guide, but in your case, you would use esc_attr() to escape the $second_col_class value which is being used in an HTML attribute, namely class: <!– bad –> <div class=”<?php echo $second_col_class; ?>”> <!– good –> <div class=”<?php echo esc_attr( $second_col_class ); ?>”> <!– good –> <div class=”<?php esc_attr_e( … Read more
If you want your sanitization callback to apply only to a specific settings field (i.e. a database option registered using register_setting()), then you would want to use a different callback for each of your settings fields. E.g. // Sample field HTML: //<input name=”field-1″ value=”<?php esc_attr( get_option( ‘field-1’ ) ); ?>”> function my_settings_field_1_validation( $value ) { … Read more
To modify the theme’s registration would be possible, but definitely not recommended. It is likely that you would only be able to add your additional fields by directly modifying the theme files, especially with something like user registration. It would be a pain to maintain if you intend to keep your theme up to date. … Read more
Use sessions <?php session_start(); // your fomrfields $post_fields = array( ‘key_one’, ‘key_two’, ‘key_three’ ); $form_data = array(); // copy needed form data from $_POST array foreach ( $post_fields as $key ) if ( isset( $_POST[$key] ) $form_data[$key] = $_POST[$key]; // save your form data in a session if no form data was saved before if … Read more
Just found out that reCaptcha actually rejects CAPTCHAs which are submitted to their server more than once. Since I was using the WP-reCAPTCHA plugin, the plugin resubmitted the CAPTCHA after my AJAX submission. So I just commented out a line from the plugin that does the submission, which is in file recaptcha.php, line 27: $this->register_filters();
Your code is working correctly. If you look at the source code of the page, you will see: <script>alert('Test')</script> When the above text gets processed for display by your browser, it then becomes <script>alert(‘Test’)</script> which is what you want to be displayed.
In my experience, the only way to check the values of the fields is by directly accessing the $_POST vars: if( ( isset( $_POST[‘upload_image’] ) && !empty( $_POST[‘upload_image’] ) )
you have to make a javascript code similar to this… jQuery(function ($) { name = $(‘#name’).val(); $(‘#name’).data(‘old_value’,name); window.onbeforeunload = function () { if ($(‘#name’).data(‘old_value’) !== $(‘#name’).val()) return ‘You have unsaved changes!’; } }); here’s a demo page… try closing the page after changing the value of the textbox there…
Try below code: add_filter( ‘gform_field_validation’, ‘custom_validation’, 10, 4 ); function custom_validation( $result, $value, $form, $field ) { $arrWhitelist = array(‘XH6D’, ‘8U2A’, ‘L9D3’); if ( $result[‘is_valid’] && !in_array( $value, $arrWhitelist )) { $result[‘is_valid’] = false; $result[‘message’] = ‘Please enter a value less than 10’; } return $result; } Further, You can review validation in more detail … Read more
The reason you escape attributes is to make sure that the values don’t have any characters that will break the HTML of the element. For example, if you didn’t escape: $attr=”foo”> <script>alert(“Bad!”);</script>”; Then this: <div class=”<?php echo $attr; ?>”></div> Would output: <div class=”foo”> <script>alert(“Bad!”);</script>”</div> Which would let the script run. So wp_kses_post() is completely wrong … Read more