When updating a post meta where the input will be always an integer, should I use (int) or is there a WordPress function for that (eg. sanitize_text_field)?
For example:
if(isset($_POST['category_id'])){
update_post_meta($post-ID, 'category_id', (int)($_POST['category_id']));
}
Topic input post-meta sanitization Wordpress
Category Web
&safe_id = intval( $_POST['category_id'] );
if ( ! $safe_id ) {
$safe_id = '';
}
update_post_meta( $post->ID, 'category_id', $safe_id );
The intval() function casts user input as an integer, and defaults to zero if the input was a non-numeric value. We then check to see if the value ended up as zero. If it did, we'll save an empty value to the database. Otherwise, we'll save the properly validated category_id.
For integers KSES has no special function.
Use (int) or intval() or absint()
See more: Data Validation - Integers
Use a conditional statement to check if $_POST['category_id']) is an integer first. The PHP function is is_int()1
if(isset($_POST['category_id']) && is_int($_POST['category_id'])){
update_post_meta($post->ID, 'category_id', $_POST['category_id']);
}
You should also trim whitespace on your $_POST data because is_int() will return false if the string has whitespace2.
Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.