What's the proper way to sanitize checkbox value sent to the database

I have tried using sanitize_text_field() and esc_attr() to filter checkbox data when saving their values to the database, but it causes the data not to be saved.

What is causing it, and what's the correct way to filter checkbox and radio input?

Topic: radio, save-post, sanitization, security, database, WordPress

Category: Web


I have used this function; it is working.

/************************************************************************
 * How to sanitize a checkbox
 ************************************************************************/

// Checkbox sanitization callback, declared at file scope rather than inside
// the hook callback so PHP never tries to declare it twice. The callback
// always receives an argument, so isset( $input ) alone would return true
// even for an unchecked box (the Customizer sends false or an empty value);
// compare the value as well and store a strict boolean.
function theme_slug_sanitize_checkbox( $input ) {
    return ( isset( $input ) && true == $input ) ? true : false;
}

function theme_slug_customizer( $wp_customize ) {

    // your section
    $wp_customize->add_section(
        'theme_slug_customizer_your_section',
        array(
            'title'    => esc_html__( 'Your Section', 'theme_slug' ),
            'priority' => 150
        )
    );

    // add setting to your section
    $wp_customize->add_setting(
        'theme_slug_customizer_checkbox',
        array(
            'default'           => '',
            'sanitize_callback' => 'theme_slug_sanitize_checkbox'
        )
    );

    $wp_customize->add_control(
        'theme_slug_customizer_checkbox',
        array(
            'label'   => esc_html__( 'Your Setting with Checkbox', 'theme_slug' ),
            'section' => 'theme_slug_customizer_your_section',
            'type'    => 'checkbox'
        )
    );
}
add_action( 'customize_register', 'theme_slug_customizer' );

/************************************************************************
 * How to sanitize a radio box
 ************************************************************************/

// Radio sanitization callback. sanitize_callback receives the submitted
// value and the WP_Customize_Setting object, so the control's choices can
// be looked up through the setting's manager.
function theme_slug_sanitize_radio( $input, $setting ) {

    // input must be a slug: only lowercase alphanumeric characters, dashes and underscores are allowed
    $input = sanitize_key( $input );

    // get the list of possible radio box options (the control id matches the setting id)
    $choices = $setting->manager->get_control( $setting->id )->choices;

    // return input if valid, otherwise the setting's default option
    return array_key_exists( $input, $choices ) ? $input : $setting->default;
}

// Same registration callback name as in the checkbox snippet above: if you
// use both snippets in one theme, merge them into a single function.
function theme_slug_customizer( $wp_customize ) {

    // your section
    $wp_customize->add_section(
        'theme_slug_customizer_your_section',
        array(
            'title'    => esc_html__( 'Your Section', 'theme_slug' ),
            'priority' => 150
        )
    );

    // add setting to your section; a default is needed so that the fallback
    // returned by the sanitizer is itself a valid choice
    $wp_customize->add_setting(
        'theme_slug_customizer_radio',
        array(
            'default'           => 'one',
            'sanitize_callback' => 'theme_slug_sanitize_radio'
        )
    );

    $wp_customize->add_control(
        'theme_slug_customizer_radio',
        array(
            'label'   => esc_html__( 'Your Setting with Radio Box', 'theme_slug' ),
            'section' => 'theme_slug_customizer_your_section',
            'type'    => 'radio',
            'choices' => array(
                'one'   => esc_html__( 'Choice One', 'theme_slug' ),
                'two'   => esc_html__( 'Choice Two', 'theme_slug' ),
                'three' => esc_html__( 'Choice Three', 'theme_slug' )
            )
        )
    );
}
add_action( 'customize_register', 'theme_slug_customizer' );

I would use the filter_var() function. It has some predefined filters that you can use depending on what kind of data you are expecting, such as a string, a number, etc.

So to sanitize for a number:

$sanitizedNum = filter_var($yourVar, FILTER_SANITIZE_NUMBER_INT);

For a string you would just change "_NUMBER_INT" to "_STRING".

Then wrap those in a custom function.


I mean that the value of a checkbox or radio is often an integer value. If it is an integer value, then cast it to an integer as a solid filter.

$checkbox = (int) $checkbox;

If you use strings on the radio items, then use esc_attr to filter solidly. The function sanitize_text_field also has a filter that other plugins can use to change the output, which may not be helpful for your goal. That function is more for filtering input from users or from the database. esc_attr also has a filter, but it is more solid for your requirements.

You can find more information on the Codex page about validation.
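The rules from the answers above (store a checkbox as a strict 1/0, accept a radio value only if it is one of the declared choices) applied to the save_post case the question's tags mention, as an added example that is not code from any of the answers; the meta keys, form field names, nonce name and choice list are assumptions chosen for illustration.

```php
<?php
// Added example (not from the answers above). Meta keys, field names, the
// nonce name and the choice list are assumptions chosen for illustration.

// Allowed radio values; anything else is replaced by the default.
function theme_slug_layout_choices() {
    return array( 'one', 'two', 'three' );
}

// An unchecked checkbox is simply absent from the submitted form, so its
// presence alone decides; the text value ("on", "1", ...) is never stored.
function theme_slug_sanitize_post_checkbox( array $post, $field ) {
    return isset( $post[ $field ] ) ? 1 : 0;
}

// Radio: normalise to a key, then accept only one of the declared choices.
function theme_slug_sanitize_post_radio( array $post, $field, array $choices, $default ) {
    if ( ! isset( $post[ $field ] ) ) {
        return $default;
    }
    $value = sanitize_key( wp_unslash( $post[ $field ] ) );
    return in_array( $value, $choices, true ) ? $value : $default;
}

function theme_slug_save_meta( $post_id ) {
    // Only handle submissions that carry our nonce, are not autosaves and
    // come from a user allowed to edit this post.
    if ( ! isset( $_POST['theme_slug_meta_nonce'] )
        || ! wp_verify_nonce( $_POST['theme_slug_meta_nonce'], 'theme_slug_save_meta' ) ) {
        return;
    }
    if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
        return;
    }
    if ( ! current_user_can( 'edit_post', $post_id ) ) {
        return;
    }

    $featured = theme_slug_sanitize_post_checkbox( $_POST, 'theme_slug_featured' );
    $layout   = theme_slug_sanitize_post_radio(
        $_POST, 'theme_slug_layout', theme_slug_layout_choices(), 'one'
    );

    // Both values are now of a known type and from a known set, so they can
    // go to the database as-is.
    update_post_meta( $post_id, '_theme_slug_featured', $featured );
    update_post_meta( $post_id, '_theme_slug_layout', $layout );
}
add_action( 'save_post', 'theme_slug_save_meta' );
```

Because the handler never stores the raw submitted string, neither sanitize_text_field() nor esc_attr() is needed on these two fields, and an unexpected radio value is replaced rather than rejected.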
