esc_js() is intended for escaping data for use within an HTML attribute. If you want to escape data for use within an inline script, wp_json_encode() should be sufficient. For example: var disabledDays = <?php echo wp_json_encode( $iva_disable_days ); ?>; This outputs: var disabledDays = [“4\/7\/2018″,”11\/18\/2017”]; If you check the variable in your dev tools console, … Read more
Your code is working correctly. If you look at the source code of the page, you will see: <script>alert('Test')</script> When the above text gets processed for display by your browser, it then becomes <script>alert(‘Test’)</script> which is what you want to be displayed.
Try below code: add_filter( ‘gform_field_validation’, ‘custom_validation’, 10, 4 ); function custom_validation( $result, $value, $form, $field ) { $arrWhitelist = array(‘XH6D’, ‘8U2A’, ‘L9D3’); if ( $result[‘is_valid’] && !in_array( $value, $arrWhitelist )) { $result[‘is_valid’] = false; $result[‘message’] = ‘Please enter a value less than 10’; } return $result; } Further, You can review validation in more detail … Read more
Regarding the edited question, here’s another old Q&A, which might actually be a better reference, Should I sanitize an email address before passing it to the is_email() function?, especially @kaiser’s answer. And regarding kaiser’s Funny sidefact now as I had a look at the sources for both functions (is_email(), sanitize_email()), they are indeed basically the … Read more
Because on the minimum version required it isn’t always available since the SPL can be disabled on PHP 5.2 and below. The majority of installs running WordPress have it, but not all, and it’s the same reason autoloaders and Iterators aren’t used. Moving to v5.3 as a minimum PHP would fix this however as the … Read more
Using $_POST is too low level. Simply give it the same name as your other options. When you options are displayed they should have the names of the form: my_settings[a_particular_option]. For instance: <input name=”my_settings[some_input_option]”/> Then for your hidden input and submit button: <input type=”hiddden” name=”my_settings[foo]” value=”bar”/> <input name=”my_settings[SubmitButton]” type=”submit” class=”button-primary” value=”<?php _e(‘Save Changes’); ?>”/> In … Read more
Take a look at WordPress codex Data Validation entry, it covers most of the validation functions that come built-in with WordPress which you can use to validate your form submission.
What data sanitzation function should be used to store entire source code of webpage?
wp_remote_post – handling responses
You can check my tutorial for front-end user registration and login in WordPress: http://www.cozmoslabs.com/1012-wordpress-user-registration-template-and-custom-user-profile-fields/ As to the wp_signon, wp_insert_user, wp_create_user and wp_update_user they take care of all sanitation and validation of your content. Also you don’t need to use those filters in wp_create_user to create your users.