You’re on the right track. I test the fields in the save_post callback, and then use admin notices to display errors to the user when a field fails validation. They show up just in a highlighted box at the top of the page, just like any errors/messages that WordPress itself generates. Here’s a simple example … Read more
There’s some confusion here, because not all of these are validation, there are 2 others that are necessary to understand what’s appropriate: validation sanitisation escaping Sanitisation Sanitisation makes things clean and well formed This cleans up the data, e.g. trimming trailing spaces, removing letters in a number field, making an all lowercase field all lowercase, … Read more
Use the native php function Filter Validator if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) { die(‘Not a valid URL’); }
You can stop the post from saving all together with minor JQuery hacks and validate the fields before saving on the client side or server side with ajax: first we add our JavaScript to capture the submit/publish event and use it to submit our own ajax function before the actual submit: add_action(‘wp_print_scripts’,’my_publish_admin_hook’); function my_publish_admin_hook(){ if … Read more
There are two concepts here: validation – making sure data is valid, i.e. an integer is an integer, a date is a date (in the right format etc). This should be done just before saving the data. sanitisation – making the date safe for its use in the current context (e.g. escaping SQL queries, or … Read more
WordPress 5.3 introduces a considerably simpler way to achieve this. By registering theme support for HTML 5 for script and style, the type=”” attribute will be omitted: add_action( ‘after_setup_theme’, function() { add_theme_support( ‘html5’, [ ‘script’, ‘style’ ] ); } );
how to validate text field content in job application form ?? to make sure the content holding only characters from A-Z and a-z, to avoid SQL injection and other bad string such as |_”‘$@!;…etc ???
Because you are passing a string as the second argument to the date function, which should be an integer. string date ( string $format [, int $timestamp = time() ] ) Try strtotime which will Parse about any English textual datetime description into a Unix timestamp (integer):
Javascript Regex Literal: US Zip Codes: /(^\d{5}$)|(^\d{5}-\d{4}$)/ Some countries use Postal Codes, which would fail this pattern.
And you don’t necessarily need .length or see if it’s >0 since an empty string evaluates to false anyway but if you’d like to for readability purposes: If you’re sure it will always operate on a textfield element then you can just use this.value. Also you should take note that $(‘input:text’) grabs multiple elements, specify … Read more