See All Features Get Started Join 300,000+ using Formidable Forms to build solution-focused forms!

The Most Advanced WordPress Forms Plugin and Form Builder

frm_sanitize_shortcodes

Last Updated:

Knowledge BaseExtend Formidable FormsFormidable Hooks - for DevelopersField Options and Values → frm_sanitize_shortcodes
Heads up!
This article contains PHP code and is intended for developers. We offer this code as a courtesy, but don't provide support for code customizations or 3rd party development.

This hook allows shortcodes in field values to be processed rather than shown on the page.

Added security protections prevents shortcodes inside a field from being processed in user-submitted data. If you would like to opt-out of this protection, you can use this filter.

Usage

add_filter( 'frm_sanitize_shortcodes', 'maybe_allow_user_shortcodes', 10, 2 );

Parameters

  • $sanitize (boolean) - return true if shortcodes should be secure
  • $atts (array)
    • $atts['entry'] (object)
    • $atts['value'] (string) - the user-submitted value

Examples

Process all shortcodes in all fields

add_filter( 'frm_sanitize_shortcodes', '__return_false' );

Only return true is a specific shortcode is included in the field value.

add_filter( 'frm_sanitize_shortcodes', 'maybe_allow_user_shortcodes', 10, 2 );
function maybe_allow_user_shortcodes( $sanitize, $atts ) {
  if ( strpos( $atts['value'], '[gallery' ) !== false ) {
    $sanitize = false;
  }
  return $sanitize;
}
Categories
×

Categories

Take on bigger projects Right Now

Get the tools you need to revolutionize your workflow and architect a masterpiece. Build the most advanced WordPress forms and actually use the data you collect in meaningful ways.

Get the most advanced WordPress form plugin and the only form builder with integrated Views.

Get Formidable Forms Now

Resources

Follow Us

Top Features

Company

[formidable id=164]
<div class="frm_forms with_frm_style frm_style_formidable-style" id="frm_form_164_container" > <form enctype="multipart/form-data" method="post" class="frm-show-form frm_pro_form frm_ajax_submit " id="form_mqotp" > <div class="frm_form_fields "> <fieldset> <legend class="frm_screen_reader">Contact</legend> <div class="frm_fields_container"> <input type="hidden" name="frm_action" value="create" /> <input type="hidden" name="form_id" value="164" /> <input type="hidden" name="frm_hide_fields_164" id="frm_hide_fields_164" value="" /> <input type="hidden" name="form_key" value="mqotp" /> <input type="hidden" name="item_meta[0]" value="" /> <input type="hidden" id="frm_submit_entry_164" name="frm_submit_entry_164" value="b2cfab8a17" /><input type="hidden" name="_wp_http_referer" value="/knowledgebase/frm_sanitize_shortcodes/" /><label for="frm_verify_164" class="frm_screen_reader frm_hidden">If you are human, leave this field blank.</label> <input type="text" class="frm_hidden frm_verify" id="frm_verify_164" name="frm_verify" value="" /> <div id="frm_field_2405_container" class="frm_form_field form-field frm_required_field frm_none_container"> <label for="field_mpczq" class="frm_primary_label">Name <span class="frm_required">*</span> </label> <input type="text" id="field_mpczq" name="item_meta[2405]" value="" placeholder="Your Name" data-reqmsg="This field cannot be blank." aria-required="true" data-invmsg="Text is invalid" /> </div> <div id="frm_field_2406_container" class="frm_form_field form-field frm_required_field frm_none_container"> <label for="field_luf5u" class="frm_primary_label">Email <span class="frm_required">*</span> </label> <input type="email" id="field_luf5u" name="item_meta[2406]" value="" placeholder="Your Email" data-reqmsg="This field cannot be blank." aria-required="true" data-invmsg="Email is invalid" /> </div> <div id="frm_field_2407_container" class="frm_form_field form-field frm_required_field frm_none_container"> <label for="field_uq2x0" class="frm_primary_label">Paragraph <span class="frm_required">*</span> </label> <textarea name="item_meta[2407]" id="field_uq2x0" rows="5" placeholder="Type your message here" data-reqmsg="This field cannot be blank." aria-required="true" data-invmsg="Paragraph is invalid" ></textarea> </div> <div id="frm_field_2446_container" class="frm_form_field frm_html_container form-field">Having trouble submitting your question? Please <a href="/new-topic/">create a new support ticket</a>.</div> <input type="hidden" name="item_key" value="" /> <div class="frm_submit"> <button class="frm_button_submit frm_final_submit" type="submit" formnovalidate="formnovalidate">Submit</button> </div></div> </fieldset> </div> </form> </div>