I’ll build this as a reusable inc/sanitization.php helper for your RX theme: many safe sanitizer callbacks, validation helpers, Customizer-ready functions, and small output escaping helpers you can use across template files.
Below is an advanced sanitization.php file for your RX theme. Put it here:
rx-theme/
└── inc/
└── sanitization.php
Then load it from functions.php:
require_once get_template_directory() . '/inc/sanitization.php';
inc/sanitization.php
<?php
/**
* RX Theme Sanitization Helpers
*
* A large collection of reusable sanitization, validation, normalization,
* and escaping helper functions for WordPress themes.
*
* @package RX_Theme
*/
// Refuse direct requests: this file is only meant to be loaded by WordPress.
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

// Version marker for these helpers; a definition made earlier is left in place.
defined( 'RX_THEME_SANITIZE_VERSION' ) || define( 'RX_THEME_SANITIZE_VERSION', '1.0.0' );
if ( ! function_exists( 'rx_sanitize_text' ) ) {
	/**
	 * Sanitize a single-line text value for storage.
	 *
	 * Arrays and objects are rejected; anything else is unslashed and passed
	 * through sanitize_text_field(). The result is not escaped for output.
	 *
	 * NOTE(review): wp_unslash() is correct for raw request data. On a value
	 * that was already unslashed it removes legitimate backslashes - confirm
	 * per caller.
	 *
	 * @param mixed $input Raw value.
	 * @return string Sanitized text, or '' for array/object input.
	 */
	function rx_sanitize_text( $input ) {
		$is_compound = is_array( $input ) || is_object( $input );

		return $is_compound ? '' : sanitize_text_field( wp_unslash( $input ) );
	}
}
if ( ! function_exists( 'rx_sanitize_textarea' ) ) {
	/**
	 * Sanitize a multi-line text value for storage.
	 *
	 * Same contract as the single-line variant, but delegates to
	 * sanitize_textarea_field(), which keeps line breaks.
	 *
	 * @param mixed $input Raw value.
	 * @return string Sanitized text, or '' for array/object input.
	 */
	function rx_sanitize_textarea( $input ) {
		$is_compound = is_array( $input ) || is_object( $input );
		if ( $is_compound ) {
			return '';
		}

		$unslashed = wp_unslash( $input );

		return sanitize_textarea_field( $unslashed );
	}
}
if ( ! function_exists( 'rx_sanitize_slug' ) ) {
	/**
	 * Turn a value into a URL slug via sanitize_title().
	 *
	 * @param mixed $input Raw value.
	 * @return string Slug, or '' for array/object input.
	 */
	function rx_sanitize_slug( $input ) {
		if ( is_object( $input ) || is_array( $input ) ) {
			return '';
		}

		$unslashed = wp_unslash( $input );

		return sanitize_title( $unslashed );
	}
}
if ( ! function_exists( 'rx_sanitize_html_class' ) ) {
	/**
	 * Sanitize one HTML class name.
	 *
	 * Non-scalar input is treated as an empty string before it reaches
	 * sanitize_html_class(), which then applies $fallback.
	 *
	 * @param mixed  $input    Raw class name.
	 * @param string $fallback Value handed to sanitize_html_class() as its fallback.
	 * @return string Sanitized class name.
	 */
	function rx_sanitize_html_class( $input, $fallback = '' ) {
		if ( ! is_scalar( $input ) ) {
			$input = '';
		}

		return sanitize_html_class( (string) $input, $fallback );
	}
}
if ( ! function_exists( 'rx_sanitize_html_classes' ) ) {
	/**
	 * Sanitize a list of HTML class names.
	 *
	 * A string is split on whitespace; an array is taken as-is. Each entry is
	 * run through rx_sanitize_html_class(), empty results are dropped and
	 * duplicates removed.
	 *
	 * @param mixed $classes Space-separated string or array of class names.
	 * @return string Space-separated class list, '' when the input is neither.
	 */
	function rx_sanitize_html_classes( $classes ) {
		if ( is_string( $classes ) ) {
			$classes = preg_split( '/\s+/', trim( $classes ) );
		}

		if ( ! is_array( $classes ) ) {
			return '';
		}

		$kept = array();
		foreach ( $classes as $candidate ) {
			$token = rx_sanitize_html_class( $candidate );
			if ( '' === $token ) {
				continue;
			}
			$kept[] = $token;
		}

		return implode( ' ', array_unique( $kept ) );
	}
}
if ( ! function_exists( 'rx_sanitize_key' ) ) {
	/**
	 * Sanitize an internal key via sanitize_key().
	 *
	 * @param mixed $input Raw key; non-scalars are treated as ''.
	 * @return string Sanitized key.
	 */
	function rx_sanitize_key( $input ) {
		$raw = '';
		if ( is_scalar( $input ) ) {
			$raw = (string) $input;
		}

		return sanitize_key( $raw );
	}
}
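if ( ! function_exists( 'rx_sanitize_bool' ) ) {
	/**
	 * Normalize a loosely typed flag to a strict boolean.
	 *
	 * Booleans pass through. Numeric values are true when absint() of them is
	 * non-zero (so '0.5' is false and '-1' is true). Strings are true only for
	 * the listed keywords, compared case-insensitively after trimming.
	 *
	 * @param mixed $input Raw flag.
	 * @return bool False for anything unrecognised, including arrays, objects and null.
	 */
	function rx_sanitize_bool( $input ) {
		if ( is_bool( $input ) ) {
			return $input;
		}

		// Reject non-scalars up front: casting an array to string raises a
		// warning, and casting an object without __toString() is a fatal error.
		if ( ! is_scalar( $input ) ) {
			return false;
		}

		if ( is_numeric( $input ) ) {
			return (bool) absint( $input );
		}

		$normalized = strtolower( trim( (string) $input ) );
		$truthy     = array( '1', 'true', 'yes', 'on', 'enable', 'enabled' );

		return in_array( $normalized, $truthy, true );
	}
}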
if ( ! function_exists( 'rx_sanitize_checkbox' ) ) {
	/**
	 * Sanitize a checkbox value to 1 or 0.
	 *
	 * @param mixed $checked Raw checkbox value.
	 * @return int 1 when rx_sanitize_bool() accepts the value, otherwise 0.
	 */
	function rx_sanitize_checkbox( $checked ) {
		if ( rx_sanitize_bool( $checked ) ) {
			return 1;
		}

		return 0;
	}
}
if ( ! function_exists( 'rx_sanitize_int' ) ) {
	/**
	 * Cast a value to an integer.
	 *
	 * This is a plain PHP integer cast: a leading numeric prefix is kept
	 * ('42abc' becomes 42) and no range is enforced.
	 *
	 * @param mixed $input Raw value.
	 * @return int
	 */
	function rx_sanitize_int( $input ) {
		return (int) $input;
	}
}
if ( ! function_exists( 'rx_sanitize_absint' ) ) {
	/**
	 * Convert a value to a non-negative integer via absint().
	 *
	 * absint() takes the absolute value, so a negative input comes back
	 * positive rather than being rejected.
	 *
	 * @param mixed $input Raw value.
	 * @return int
	 */
	function rx_sanitize_absint( $input ) {
		$non_negative = absint( $input );

		return $non_negative;
	}
}
if ( ! function_exists( 'rx_sanitize_float' ) ) {
	/**
	 * Cast a value to a float, accepting a comma as the decimal separator.
	 *
	 * Every comma is turned into a dot before the cast, so a value that uses
	 * commas as thousands separators ('1,234.56') is read as 1.234.
	 *
	 * @param mixed $input Raw value.
	 * @return float 0.0 for array/object input.
	 */
	function rx_sanitize_float( $input ) {
		if ( is_object( $input ) || is_array( $input ) ) {
			return 0.0;
		}

		return (float) strtr( (string) $input, ',', '.' );
	}
}
if ( ! function_exists( 'rx_sanitize_number_range' ) ) {
	/**
	 * Clamp a number into [$min, $max].
	 *
	 * Non-numeric input is replaced by $default before clamping. A value
	 * inside the range is returned as a float; a clamped value is returned as
	 * the bound itself, with whatever type the caller passed for it.
	 *
	 * @param mixed     $input   Raw value.
	 * @param int|float $min     Lower bound.
	 * @param int|float $max     Upper bound.
	 * @param int|float $default Used when $input is not numeric.
	 * @return int|float
	 */
	function rx_sanitize_number_range( $input, $min = 0, $max = 999999, $default = 0 ) {
		$number = (float) ( is_numeric( $input ) ? $input : $default );

		// Lower bound first, then upper bound, as two independent steps.
		$floored = $number < $min ? $min : $number;

		return $floored > $max ? $max : $floored;
	}
}
if ( ! function_exists( 'rx_sanitize_int_range' ) ) {
	/**
	 * Clamp a number into [$min, $max] and return it as an integer.
	 *
	 * The clamped value is truncated toward zero by the integer cast.
	 *
	 * @param mixed     $input   Raw value.
	 * @param int|float $min     Lower bound.
	 * @param int|float $max     Upper bound.
	 * @param int|float $default Used when $input is not numeric.
	 * @return int
	 */
	function rx_sanitize_int_range( $input, $min = 0, $max = 999999, $default = 0 ) {
		$clamped = rx_sanitize_number_range( $input, $min, $max, $default );

		return (int) $clamped;
	}
}
if ( ! function_exists( 'rx_sanitize_percent' ) ) {
	/**
	 * Clamp a value into the 0-100 range.
	 *
	 * @param mixed $input Raw value; non-numeric input becomes 0.
	 * @return int|float
	 */
	function rx_sanitize_percent( $input ) {
		$lowest  = 0;
		$highest = 100;

		return rx_sanitize_number_range( $input, $lowest, $highest, 0 );
	}
}
if ( ! function_exists( 'rx_sanitize_url' ) ) {
	/**
	 * Sanitize a URL for storage via esc_url_raw().
	 *
	 * The result is suitable for saving, not for printing; escape it again
	 * with esc_url() at output time.
	 *
	 * @param mixed $input Raw URL.
	 * @return string Sanitized URL, or '' for array/object input.
	 */
	function rx_sanitize_url( $input ) {
		if ( is_object( $input ) || is_array( $input ) ) {
			return '';
		}

		$candidate = trim( wp_unslash( $input ) );

		return esc_url_raw( $candidate );
	}
}
if ( ! function_exists( 'rx_sanitize_url_protocols' ) ) {
	/**
	 * Sanitize a URL and reject it when its scheme is not allowed.
	 *
	 * The scheme is lower-cased before the comparison, so $protocols must be
	 * given in lower case.
	 *
	 * NOTE(review): the scheme check only runs when the URL has a scheme. A
	 * URL without one (relative or protocol-relative) is returned unchanged,
	 * so this is not a guarantee that the result uses one of $protocols.
	 *
	 * @param mixed    $input     Raw URL.
	 * @param string[] $protocols Allowed schemes, lower case.
	 * @return string Sanitized URL, or '' when empty or the scheme is rejected.
	 */
	function rx_sanitize_url_protocols( $input, $protocols = array( 'http', 'https' ) ) {
		$url = rx_sanitize_url( $input );
		if ( ! $url ) {
			return '';
		}

		$scheme          = wp_parse_url( $url, PHP_URL_SCHEME );
		$scheme_rejected = $scheme && ! in_array( strtolower( $scheme ), $protocols, true );

		return $scheme_rejected ? '' : $url;
	}
}
if ( ! function_exists( 'rx_sanitize_email' ) ) {
	/**
	 * Sanitize and validate one e-mail address.
	 *
	 * @param mixed $input Raw address; non-scalars are treated as ''.
	 * @return string The sanitized address, or '' when is_email() rejects it.
	 */
	function rx_sanitize_email( $input ) {
		$candidate = is_scalar( $input ) ? (string) $input : '';
		$email     = sanitize_email( $candidate );

		if ( ! is_email( $email ) ) {
			return '';
		}

		return $email;
	}
}
if ( ! function_exists( 'rx_sanitize_emails' ) ) {
	/**
	 * Sanitize a list of e-mail addresses.
	 *
	 * A string is split on commas, semicolons and whitespace. Invalid
	 * addresses are dropped and duplicates removed.
	 *
	 * @param mixed $input Delimited string or array of addresses.
	 * @return string[] Re-indexed list of valid addresses.
	 */
	function rx_sanitize_emails( $input ) {
		if ( is_string( $input ) ) {
			$input = preg_split( '/[,;\s]+/', $input );
		}

		if ( ! is_array( $input ) ) {
			return array();
		}

		// array_filter() without a callback drops the '' returned for rejects.
		$valid = array_filter( array_map( 'rx_sanitize_email', $input ) );

		return array_values( array_unique( $valid ) );
	}
}
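if ( ! function_exists( 'rx_sanitize_hex_color' ) ) {
	/**
	 * Sanitize a hex colour that includes the leading '#'.
	 *
	 * @param mixed $color Raw colour.
	 * @return string The colour as accepted by sanitize_hex_color(), otherwise ''.
	 */
	function rx_sanitize_hex_color( $color ) {
		// Only strings can be colours. A non-empty array would otherwise be
		// handed to sanitize_hex_color() and fail there instead of here.
		if ( ! is_string( $color ) || empty( $color ) ) {
			return '';
		}

		$hex = sanitize_hex_color( $color );

		return $hex ? $hex : '';
	}
}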
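if ( ! function_exists( 'rx_sanitize_hex_color_no_hash' ) ) {
	/**
	 * Sanitize a hex colour given without the leading '#'.
	 *
	 * @param mixed $color Raw colour.
	 * @return string The colour as accepted by sanitize_hex_color_no_hash(), otherwise ''.
	 */
	function rx_sanitize_hex_color_no_hash( $color ) {
		// Arrays, objects and null are rejected here rather than being passed
		// to a core function that expects a string.
		if ( ! is_scalar( $color ) ) {
			return '';
		}

		$hex = sanitize_hex_color_no_hash( (string) $color );

		return $hex ? $hex : '';
	}
}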
if ( ! function_exists( 'rx_sanitize_rgba_color' ) ) {
	/**
	 * Sanitize an rgb()/rgba() colour, falling back to hex handling.
	 *
	 * Any string containing '#' is handed to rx_sanitize_hex_color(). Otherwise
	 * only the comma-separated integer form is accepted; channels are clamped
	 * to 0-255 and alpha to 0-1, and the value is rebuilt without spaces. The
	 * output function name follows the presence of an alpha value, not the
	 * name that was submitted.
	 *
	 * @param mixed $color Raw colour.
	 * @return string Normalized colour, or '' when not recognised.
	 */
	function rx_sanitize_rgba_color( $color ) {
		if ( empty( $color ) || ! is_string( $color ) ) {
			return '';
		}

		$color = trim( $color );
		if ( false !== strpos( $color, '#' ) ) {
			return rx_sanitize_hex_color( $color );
		}

		$pattern = '/^rgba?\(\s*([0-9]{1,3})\s*,\s*([0-9]{1,3})\s*,\s*([0-9]{1,3})(?:\s*,\s*(0|1|0?\.\d+))?\s*\)$/';
		if ( ! preg_match( $pattern, $color, $matches ) ) {
			return '';
		}

		$parts = array();
		foreach ( array( 1, 2, 3 ) as $group ) {
			$parts[] = min( 255, max( 0, intval( $matches[ $group ] ) ) );
		}

		$has_alpha = isset( $matches[4] ) && '' !== $matches[4];
		if ( ! $has_alpha ) {
			return 'rgb(' . implode( ',', $parts ) . ')';
		}

		$parts[] = min( 1, max( 0, floatval( $matches[4] ) ) );

		return 'rgba(' . implode( ',', $parts ) . ')';
	}
}
if ( ! function_exists( 'rx_sanitize_css_unit' ) ) {
	/**
	 * Sanitize a single CSS length.
	 *
	 * Accepts an optionally negative decimal number followed by one of
	 * px, em, rem, %, vh, vw, vmin, vmax. A bare numeric value (anything
	 * is_numeric() accepts) is returned with 'px' appended.
	 *
	 * @param mixed  $value   Raw value.
	 * @param string $default Returned when the value is empty or not recognised.
	 * @return string
	 */
	function rx_sanitize_css_unit( $value, $default = '' ) {
		if ( is_object( $value ) || is_array( $value ) ) {
			return $default;
		}

		$value = trim( (string) $value );
		if ( '' === $value ) {
			return $default;
		}

		$has_known_unit = preg_match( '/^-?\d+(\.\d+)?(px|em|rem|%|vh|vw|vmin|vmax)$/', $value );
		if ( $has_known_unit ) {
			return $value;
		}

		return is_numeric( $value ) ? ( floatval( $value ) . 'px' ) : $default;
	}
}
if ( ! function_exists( 'rx_sanitize_css_spacing' ) ) {
	/**
	 * Sanitize a CSS spacing shorthand of one to four lengths.
	 *
	 * Every whitespace-separated part must pass rx_sanitize_css_unit(); a
	 * single bad part rejects the whole value.
	 *
	 * @param mixed  $value   Raw value, e.g. '10px 20px'.
	 * @param string $default Returned when the value is rejected.
	 * @return string Space-separated sanitized lengths, or $default.
	 */
	function rx_sanitize_css_spacing( $value, $default = '' ) {
		if ( is_object( $value ) || is_array( $value ) ) {
			return $default;
		}

		$parts = preg_split( '/\s+/', trim( (string) $value ) );
		if ( empty( $parts ) || count( $parts ) > 4 ) {
			return $default;
		}

		$lengths = array();
		foreach ( $parts as $part ) {
			$length = rx_sanitize_css_unit( $part );
			if ( '' === $length ) {
				// All-or-nothing: one unusable part invalidates the shorthand.
				return $default;
			}
			$lengths[] = $length;
		}

		return implode( ' ', $lengths );
	}
}
if ( ! function_exists( 'rx_sanitize_select' ) ) {
	/**
	 * Sanitize a select/radio value against a map of allowed choices.
	 *
	 * The input is normalized with rx_sanitize_key() first, so a choice whose
	 * key contains upper-case letters or characters outside a-z, 0-9, '_' and
	 * '-' can never match.
	 *
	 * NOTE(review): an empty $choices disables the allow-list and returns the
	 * normalized input as-is. Callers that need validation must pass choices.
	 *
	 * NOTE(review): $choices is assumed to be an array. If this function is
	 * registered directly as a Customizer sanitize_callback, the second
	 * argument would be the setting object instead - confirm how it is wired.
	 *
	 * @param mixed  $input   Raw value.
	 * @param array  $choices Allowed values as array keys.
	 * @param string $default Returned when the value is not an allowed key.
	 * @return string
	 */
	function rx_sanitize_select( $input, $choices = array(), $default = '' ) {
		$key = rx_sanitize_key( $input );

		if ( ! empty( $choices ) && ! array_key_exists( $key, $choices ) ) {
			return $default;
		}

		return $key;
	}
}
if ( ! function_exists( 'rx_sanitize_multi_select' ) ) {
	/**
	 * Sanitize a multi-select value against a map of allowed choices.
	 *
	 * A string is split on commas. Each entry is normalized with
	 * rx_sanitize_key() and kept only if it is a key of $choices.
	 *
	 * NOTE(review): as with the single-select helper, an empty $choices
	 * accepts every normalized entry.
	 *
	 * @param mixed $input   Comma-separated string or array of values.
	 * @param array $choices Allowed values as array keys.
	 * @return string[] Re-indexed list of accepted values without duplicates.
	 */
	function rx_sanitize_multi_select( $input, $choices = array() ) {
		if ( is_string( $input ) ) {
			$input = explode( ',', $input );
		}

		if ( ! is_array( $input ) ) {
			return array();
		}

		$accepted = array();
		foreach ( $input as $raw ) {
			$key = rx_sanitize_key( $raw );
			if ( ! empty( $choices ) && ! array_key_exists( $key, $choices ) ) {
				continue;
			}
			$accepted[] = $key;
		}

		return array_values( array_unique( $accepted ) );
	}
}
if ( ! function_exists( 'rx_sanitize_image_id' ) ) {
	/**
	 * Sanitize an attachment ID that must refer to an image.
	 *
	 * The check is on the stored MIME type starting with 'image/'. It does not
	 * check whether the current user may use that attachment.
	 *
	 * @param mixed $input Raw ID.
	 * @return int The ID, or 0 when it is empty or not an image.
	 */
	function rx_sanitize_image_id( $input ) {
		$id = absint( $input );
		if ( ! $id ) {
			return 0;
		}

		$mime     = get_post_mime_type( $id );
		$is_image = $mime && 0 === strpos( $mime, 'image/' );

		return $is_image ? $id : 0;
	}
}
if ( ! function_exists( 'rx_sanitize_attachment_id' ) ) {
	/**
	 * Sanitize an ID that must refer to an attachment post.
	 *
	 * @param mixed $input Raw ID.
	 * @return int The ID, or 0 when it is empty or not of type 'attachment'.
	 */
	function rx_sanitize_attachment_id( $input ) {
		$id = absint( $input );
		if ( ! $id ) {
			return 0;
		}

		if ( 'attachment' !== get_post_type( $id ) ) {
			return 0;
		}

		return $id;
	}
}
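if ( ! function_exists( 'rx_sanitize_image_url' ) ) {
	/**
	 * Sanitize a URL whose path must end in a known image extension.
	 *
	 * NOTE(review): this looks only at the extension in the URL path. It says
	 * nothing about what the server actually returns for that URL. 'svg' is on
	 * the list, so the result should only be used where an SVG is acceptable.
	 *
	 * @param mixed $input Raw URL.
	 * @return string Sanitized URL, or '' when empty or the extension is not allowed.
	 */
	function rx_sanitize_image_url( $input ) {
		$url = rx_sanitize_url( $input );
		if ( empty( $url ) ) {
			return '';
		}

		// A URL without a path component yields null here; pathinfo() expects a string.
		$path = (string) wp_parse_url( $url, PHP_URL_PATH );
		$ext  = strtolower( pathinfo( $path, PATHINFO_EXTENSION ) );

		$allowed = array( 'jpg', 'jpeg', 'png', 'gif', 'webp', 'svg', 'avif' );

		return in_array( $ext, $allowed, true ) ? $url : '';
	}
}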
if ( ! function_exists( 'rx_sanitize_svg' ) ) {
	/**
	 * Filter inline SVG markup down to a small set of elements and attributes.
	 *
	 * Everything not listed below is removed by wp_kses(). This is an
	 * allow-list for simple icons, not a full SVG sanitizer; for SVG from
	 * untrusted sources use a dedicated SVG sanitizer library.
	 *
	 * @param mixed $svg Raw SVG markup.
	 * @return string Filtered markup, or '' for non-string input.
	 */
	function rx_sanitize_svg( $svg ) {
		if ( ! is_string( $svg ) ) {
			return '';
		}

		// Element name => permitted attribute names.
		$allowed_markup = array(
			'svg'     => array(
				'xmlns'       => true,
				'viewbox'     => true,
				'viewBox'     => true,
				'width'       => true,
				'height'      => true,
				'fill'        => true,
				'stroke'      => true,
				'role'        => true,
				'aria-hidden' => true,
				'focusable'   => true,
				'class'       => true,
			),
			'path'    => array(
				'd'               => true,
				'fill'            => true,
				'stroke'          => true,
				'stroke-width'    => true,
				'stroke-linecap'  => true,
				'stroke-linejoin' => true,
				'class'           => true,
			),
			'g'       => array(
				'fill'      => true,
				'stroke'    => true,
				'transform' => true,
				'class'     => true,
			),
			'circle'  => array(
				'cx'     => true,
				'cy'     => true,
				'r'      => true,
				'fill'   => true,
				'stroke' => true,
				'class'  => true,
			),
			'rect'    => array(
				'x'      => true,
				'y'      => true,
				'width'  => true,
				'height' => true,
				'rx'     => true,
				'ry'     => true,
				'fill'   => true,
				'stroke' => true,
				'class'  => true,
			),
			'line'    => array(
				'x1'     => true,
				'y1'     => true,
				'x2'     => true,
				'y2'     => true,
				'stroke' => true,
				'class'  => true,
			),
			'polygon' => array(
				'points' => true,
				'fill'   => true,
				'stroke' => true,
				'class'  => true,
			),
			'title'   => array(),
		);

		return wp_kses( $svg, $allowed_markup );
	}
}
if ( ! function_exists( 'rx_sanitize_post_id' ) ) {
	/**
	 * Sanitize a post ID, optionally requiring a post type.
	 *
	 * NOTE(review): when $post_type is empty no lookup is made, so the ID is
	 * only known to be a positive integer, not to exist. Neither branch checks
	 * whether the current user may read the post.
	 *
	 * @param mixed  $input     Raw ID.
	 * @param string $post_type Required post type, or '' to skip the check.
	 * @return int The ID, or 0 when empty or of a different post type.
	 */
	function rx_sanitize_post_id( $input, $post_type = '' ) {
		$id = absint( $input );
		if ( ! $id ) {
			return 0;
		}

		$wrong_type = $post_type && get_post_type( $id ) !== $post_type;

		return $wrong_type ? 0 : $id;
	}
}
if ( ! function_exists( 'rx_sanitize_page_id' ) ) {
	/**
	 * Sanitize an ID that must refer to a post of type 'page'.
	 *
	 * @param mixed $input Raw ID.
	 * @return int The ID, or 0 when empty or not a page.
	 */
	function rx_sanitize_page_id( $input ) {
		$required_type = 'page';

		return rx_sanitize_post_id( $input, $required_type );
	}
}
if ( ! function_exists( 'rx_sanitize_category_id' ) ) {
	/**
	 * Sanitize an ID that must refer to an existing category term.
	 *
	 * @param mixed $input Raw ID.
	 * @return int The ID, or 0 when term_exists() does not find it.
	 */
	function rx_sanitize_category_id( $input ) {
		$id = absint( $input );

		if ( term_exists( $id, 'category' ) ) {
			return $id;
		}

		return 0;
	}
}
if ( ! function_exists( 'rx_sanitize_term_id' ) ) {
	/**
	 * Sanitize a term ID, optionally requiring it to exist in a taxonomy.
	 *
	 * NOTE(review): when $taxonomy is empty no lookup is made, so the ID is
	 * only known to be a positive integer, not to exist.
	 *
	 * @param mixed  $input    Raw ID.
	 * @param string $taxonomy Taxonomy to check, or '' to skip the check.
	 * @return int The ID, or 0 when empty or not found in $taxonomy.
	 */
	function rx_sanitize_term_id( $input, $taxonomy = '' ) {
		$id = absint( $input );
		if ( ! $id ) {
			return 0;
		}

		$missing = $taxonomy && ! term_exists( $id, $taxonomy );

		return $missing ? 0 : $id;
	}
}
if ( ! function_exists( 'rx_sanitize_taxonomy' ) ) {
	/**
	 * Sanitize a taxonomy name against the registered taxonomies.
	 *
	 * @param mixed $input Raw taxonomy name.
	 * @return string The name, or '' when no such taxonomy is registered.
	 */
	function rx_sanitize_taxonomy( $input ) {
		$taxonomy = sanitize_key( $input );

		if ( ! taxonomy_exists( $taxonomy ) ) {
			return '';
		}

		return $taxonomy;
	}
}
if ( ! function_exists( 'rx_sanitize_post_type' ) ) {
	/**
	 * Sanitize a post type name against the registered post types.
	 *
	 * NOTE(review): post_type_exists() is true for every registered type,
	 * including ones not meant to be public. Callers exposing this to visitors
	 * should apply their own list of permitted types.
	 *
	 * @param mixed $input Raw post type name.
	 * @return string The name, or '' when no such post type is registered.
	 */
	function rx_sanitize_post_type( $input ) {
		$post_type = sanitize_key( $input );

		if ( ! post_type_exists( $post_type ) ) {
			return '';
		}

		return $post_type;
	}
}
if ( ! function_exists( 'rx_sanitize_menu_location' ) ) {
	/**
	 * Sanitize a nav menu location against the registered locations.
	 *
	 * @param mixed $input Raw location slug.
	 * @return string The slug, or '' when it is not a registered location.
	 */
	function rx_sanitize_menu_location( $input ) {
		$location   = sanitize_key( $input );
		$registered = get_registered_nav_menus();

		if ( isset( $registered[ $location ] ) ) {
			return $location;
		}

		return '';
	}
}
if ( ! function_exists( 'rx_sanitize_sidebar_id' ) ) {
	/**
	 * Sanitize a sidebar ID against the registered sidebars.
	 *
	 * @param mixed $input Raw sidebar ID.
	 * @return string The ID, or '' when no such sidebar is registered.
	 */
	function rx_sanitize_sidebar_id( $input ) {
		global $wp_registered_sidebars;

		$sidebar_id = sanitize_key( $input );

		if ( isset( $wp_registered_sidebars[ $sidebar_id ] ) ) {
			return $sidebar_id;
		}

		return '';
	}
}
if ( ! function_exists( 'rx_sanitize_date' ) ) {
	/**
	 * Validate a date string against an exact format.
	 *
	 * The value is parsed with $format and formatted back; it is accepted only
	 * when the round trip reproduces the input, which rejects overflowing
	 * dates that the parser would otherwise roll over.
	 *
	 * @param mixed  $date   Raw date string.
	 * @param string $format DateTime format the value must match.
	 * @return string The date, or '' when it is not a string or does not match.
	 */
	function rx_sanitize_date( $date, $format = 'Y-m-d' ) {
		if ( ! is_string( $date ) ) {
			return '';
		}

		$date   = sanitize_text_field( $date );
		$parsed = DateTime::createFromFormat( $format, $date );
		if ( ! $parsed ) {
			return '';
		}

		return $parsed->format( $format ) === $date ? $date : '';
	}
}
if ( ! function_exists( 'rx_sanitize_time' ) ) {
	/**
	 * Validate a 24-hour time in HH:MM form.
	 *
	 * @param mixed $time Raw time string.
	 * @return string The time, or '' when it is not a string or does not match.
	 */
	function rx_sanitize_time( $time ) {
		if ( ! is_string( $time ) ) {
			return '';
		}

		$time = sanitize_text_field( $time );

		if ( preg_match( '/^([01]\d|2[0-3]):([0-5]\d)$/', $time ) ) {
			return $time;
		}

		return '';
	}
}
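if ( ! function_exists( 'rx_sanitize_datetime' ) ) {
	/**
	 * Normalize a date/time string to 'Y-m-d H:i:s' in GMT.
	 *
	 * NOTE(review): parsing is done by strtotime(), which also accepts
	 * relative expressions and interprets values without a zone in PHP's
	 * default timezone. Use rx_sanitize_date() style exact-format validation
	 * where the input format is known.
	 *
	 * @param mixed $datetime Raw date/time string.
	 * @return string Normalized date/time, or '' when it cannot be parsed.
	 */
	function rx_sanitize_datetime( $datetime ) {
		if ( ! is_string( $datetime ) ) {
			return '';
		}

		$datetime  = sanitize_text_field( $datetime );
		$timestamp = strtotime( $datetime );

		// strtotime() signals failure with false. Timestamp 0 (the Unix epoch)
		// is a valid result and must not be treated as a parse error.
		if ( false === $timestamp ) {
			return '';
		}

		return gmdate( 'Y-m-d H:i:s', $timestamp );
	}
}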
if ( ! function_exists( 'rx_sanitize_timezone' ) ) {
	/**
	 * Validate a timezone identifier against PHP's list.
	 *
	 * Only identifiers returned by timezone_identifiers_list() are accepted;
	 * the comparison is exact and case-sensitive.
	 *
	 * @param mixed $timezone Raw identifier; non-scalars are treated as ''.
	 * @return string The identifier, or '' when it is not on the list.
	 */
	function rx_sanitize_timezone( $timezone ) {
		$candidate = is_scalar( $timezone ) ? (string) $timezone : '';
		$candidate = sanitize_text_field( $candidate );

		if ( in_array( $candidate, timezone_identifiers_list(), true ) ) {
			return $candidate;
		}

		return '';
	}
}
if ( ! function_exists( 'rx_sanitize_json' ) ) {
	/**
	 * Sanitize JSON (or an array) and return it re-encoded as JSON.
	 *
	 * The decoded data is cleaned with rx_sanitize_array_deep() and encoded
	 * again with wp_json_encode(), whose return value is passed through
	 * unchanged.
	 *
	 * NOTE(review): wp_unslash() runs on the JSON text before decoding. If the
	 * caller passes JSON that was already unslashed, its escape sequences are
	 * altered before they are parsed - confirm per caller.
	 *
	 * @param mixed $json JSON string or array.
	 * @return string|false Encoded JSON; '' for unsupported types or invalid JSON.
	 */
	function rx_sanitize_json( $json ) {
		if ( is_array( $json ) ) {
			return wp_json_encode( rx_sanitize_array_deep( $json ) );
		}

		if ( ! is_string( $json ) ) {
			return '';
		}

		$decoded = json_decode( wp_unslash( $json ), true );
		if ( JSON_ERROR_NONE !== json_last_error() ) {
			return '';
		}

		$clean = rx_sanitize_array_deep( $decoded );

		return wp_json_encode( $clean );
	}
}
if ( ! function_exists( 'rx_sanitize_json_to_array' ) ) {
	/**
	 * Decode JSON (or take an array) and return the sanitized array.
	 *
	 * @param mixed $json JSON string or array.
	 * @return array Sanitized data; empty for unsupported types, invalid JSON,
	 *               or JSON that does not decode to an array.
	 */
	function rx_sanitize_json_to_array( $json ) {
		if ( is_array( $json ) ) {
			return rx_sanitize_array_deep( $json );
		}

		if ( ! is_string( $json ) ) {
			return array();
		}

		$decoded    = json_decode( wp_unslash( $json ), true );
		$decoded_ok = JSON_ERROR_NONE === json_last_error() && is_array( $decoded );

		return $decoded_ok ? rx_sanitize_array_deep( $decoded ) : array();
	}
}
if ( ! function_exists( 'rx_sanitize_array_deep' ) ) {
	/**
	 * Recursively sanitize the keys and values of an array.
	 *
	 * String keys go through sanitize_key(), other keys through absint().
	 * Booleans are kept, numeric values are converted to int/float, nested
	 * arrays are recursed into and everything else is treated as text.
	 *
	 * NOTE(review): key normalization can make two different keys identical,
	 * in which case the later entry overwrites the earlier one. Numeric
	 * strings lose their original form (leading zeros, very long digit
	 * strings), so identifiers should not be routed through this helper.
	 *
	 * @param mixed $input Array to clean; a non-array is sanitized as text.
	 * @return array|string
	 */
	function rx_sanitize_array_deep( $input ) {
		if ( ! is_array( $input ) ) {
			return rx_sanitize_text( $input );
		}

		$clean = array();

		foreach ( $input as $key => $value ) {
			$clean_key = is_string( $key ) ? sanitize_key( $key ) : absint( $key );

			if ( is_array( $value ) ) {
				$clean[ $clean_key ] = rx_sanitize_array_deep( $value );
				continue;
			}

			if ( is_bool( $value ) ) {
				$clean[ $clean_key ] = (bool) $value;
				continue;
			}

			if ( is_numeric( $value ) ) {
				// Adding zero converts a numeric string to int or float.
				$clean[ $clean_key ] = $value + 0;
				continue;
			}

			$clean[ $clean_key ] = rx_sanitize_text( $value );
		}

		return $clean;
	}
}
if ( ! function_exists( 'rx_sanitize_html' ) ) {
	/**
	 * Sanitize HTML to what WordPress allows in post content.
	 *
	 * @param mixed $html Raw HTML.
	 * @return string Output of wp_kses_post(), or '' for non-string input.
	 */
	function rx_sanitize_html( $html ) {
		if ( is_string( $html ) ) {
			return wp_kses_post( wp_unslash( $html ) );
		}

		return '';
	}
}
if ( ! function_exists( 'rx_sanitize_basic_html' ) ) {
	/**
	 * Sanitize HTML down to a short list of inline formatting tags.
	 *
	 * Links may carry href, title, target and rel; span may carry class; the
	 * remaining tags are allowed without attributes.
	 *
	 * NOTE(review): 'target' is allowed on links but 'rel' is not forced, so
	 * markup that opens a new tab is stored exactly as submitted.
	 *
	 * @param mixed $html Raw HTML.
	 * @return string Filtered HTML, or '' for non-string input.
	 */
	function rx_sanitize_basic_html( $html ) {
		if ( ! is_string( $html ) ) {
			return '';
		}

		// Tags permitted without any attribute.
		$allowed_tags = array_fill_keys(
			array( 'br', 'em', 'strong', 'b', 'i', 'u', 'p' ),
			array()
		);

		$allowed_tags['a'] = array(
			'href'   => true,
			'title'  => true,
			'target' => true,
			'rel'    => true,
		);

		$allowed_tags['span'] = array(
			'class' => true,
		);

		return wp_kses( wp_unslash( $html ), $allowed_tags );
	}
}
if ( ! function_exists( 'rx_sanitize_script_code' ) ) {
	/**
	 * Gatekeeper for settings that store raw script code.
	 *
	 * This does not sanitize anything: the code is returned unslashed and
	 * otherwise untouched. The only control is the 'unfiltered_html'
	 * capability of the user making the request.
	 *
	 * NOTE(review): the capability is evaluated for the current user at call
	 * time. If this runs in a context without such a user, the result is ''
	 * - check that this cannot blank a previously saved value.
	 *
	 * @param mixed $code Raw script code.
	 * @return string The code, or '' when the user lacks the capability or the
	 *                value is not a string.
	 */
	function rx_sanitize_script_code( $code ) {
		$may_store_raw = current_user_can( 'unfiltered_html' );

		if ( ! $may_store_raw || ! is_string( $code ) ) {
			return '';
		}

		return wp_unslash( $code );
	}
}
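if ( ! function_exists( 'rx_sanitize_inline_css' ) ) {
	/**
	 * Deny-list filter for custom CSS.
	 *
	 * Removes HTML tags, any remaining closing style tag prefix, and the
	 * 'expression(', 'javascript:' and 'behavior:' tokens.
	 *
	 * This is a deny-list, not a CSS parser: it does not validate properties,
	 * url() targets, @-rules or CSS escape sequences. Treat the result as
	 * reduced-risk input from a trusted role, not as safe CSS. For a single
	 * style declaration list, core's safecss_filter_attr() applies an
	 * allow-list instead.
	 *
	 * @param mixed $css Raw CSS.
	 * @return string Filtered CSS; '' for non-string input, on a PCRE error, or
	 *                when the input does not settle within the pass limit.
	 */
	function rx_sanitize_inline_css( $css ) {
		if ( ! is_string( $css ) ) {
			return '';
		}

		$css = wp_unslash( $css );

		$deny_patterns = array(
			'#</?[^>]+>#',
			// A closing style tag that is never terminated is not matched by
			// the tag pattern above but would still end a style block.
			'#</style#i',
			'/expression\s*\(/i',
			'/javascript\s*:/i',
			'/behavior\s*:/i',
		);

		// Removing a match can join the text on either side of it into a new
		// match, so one pass is not enough. Repeat until nothing changes.
		$max_passes = 10;
		for ( $pass = 0; $pass < $max_passes; $pass++ ) {
			$next = preg_replace( $deny_patterns, '', $css );

			if ( null === $next ) {
				// PCRE failure: fail closed rather than return unfiltered text.
				return '';
			}

			if ( $next === $css ) {
				return trim( $css );
			}

			$css = $next;
		}

		// Still changing after the pass limit: reject the value.
		return '';
	}
}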
if ( ! function_exists( 'rx_sanitize_css_variable_name' ) ) {
	/**
	 * Validate a CSS custom property name.
	 *
	 * The trimmed name must start with '--' and continue with ASCII letters,
	 * digits, '-' or '_' only.
	 *
	 * @param mixed $name Raw name; non-scalars are treated as ''.
	 * @return string The name, or '' when it does not match.
	 */
	function rx_sanitize_css_variable_name( $name ) {
		$candidate = trim( is_scalar( $name ) ? (string) $name : '' );

		return preg_match( '/^--[a-zA-Z0-9-_]+$/', $candidate ) ? $candidate : '';
	}
}
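if ( ! function_exists( 'rx_sanitize_css_variable_value' ) ) {
	/**
	 * Deny-list filter for the value of one CSS custom property.
	 *
	 * Removes '<', '>', '{', '}' and ';' plus the 'javascript:' and
	 * 'expression(' tokens, and applies sanitize_text_field(). The semicolon
	 * is removed because the value is meant to sit inside a single
	 * declaration; left in place it would let the value end that declaration
	 * and start another. As a consequence, values that legitimately contain a
	 * semicolon (for example a data: URL) are not supported.
	 *
	 * This is a deny-list, not a CSS value parser; url() targets are not
	 * inspected.
	 *
	 * @param mixed $value Raw value.
	 * @return string Filtered value; '' for non-scalar input, on a PCRE error,
	 *                or when the input does not settle within the pass limit.
	 */
	function rx_sanitize_css_variable_value( $value ) {
		if ( ! is_scalar( $value ) ) {
			return '';
		}

		$value = trim( (string) $value );

		$deny_patterns = array(
			'/[<>{};]/',
			'/javascript\s*:/i',
			'/expression\s*\(/i',
		);

		// sanitize_text_field() removes characters of its own, and removing a
		// match can create a new one. Run both steps together until the value
		// stops changing so that what is returned is what was checked.
		$max_passes = 10;
		for ( $pass = 0; $pass < $max_passes; $pass++ ) {
			$next = preg_replace( $deny_patterns, '', sanitize_text_field( $value ) );

			if ( null === $next ) {
				// PCRE failure: fail closed.
				return '';
			}

			if ( $next === $value ) {
				return $value;
			}

			$value = $next;
		}

		// Still changing after the pass limit: reject the value.
		return '';
	}
}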
if ( ! function_exists( 'rx_sanitize_font_family' ) ) {
	/**
	 * Sanitize a CSS font-family list.
	 *
	 * Keeps ASCII letters, digits, whitespace, commas, hyphens, underscores,
	 * dots and both quote characters; everything else is removed. Quotes are
	 * kept, so the result still needs context-appropriate escaping when it is
	 * printed inside an HTML attribute.
	 *
	 * @param mixed $font Raw font-family value; non-scalars are treated as ''.
	 * @return string
	 */
	function rx_sanitize_font_family( $font ) {
		$raw      = is_scalar( $font ) ? (string) $font : '';
		$filtered = preg_replace( '/[^a-zA-Z0-9\s,\-_"\'\.]/', '', trim( $raw ) );

		return sanitize_text_field( $filtered );
	}
}
if ( ! function_exists( 'rx_sanitize_font_weight' ) ) {
	/**
	 * Sanitize a CSS font-weight against a fixed list.
	 *
	 * @param mixed $weight Raw weight; non-scalars are treated as ''.
	 * @return string The weight, or '400' when it is not on the list.
	 */
	function rx_sanitize_font_weight( $weight ) {
		$candidate = sanitize_text_field( is_scalar( $weight ) ? (string) $weight : '' );

		$numeric  = array( '100', '200', '300', '400', '500', '600', '700', '800', '900' );
		$keywords = array( 'normal', 'bold', 'bolder', 'lighter' );

		if ( in_array( $candidate, array_merge( $numeric, $keywords ), true ) ) {
			return $candidate;
		}

		return '400';
	}
}
if ( ! function_exists( 'rx_sanitize_text_align' ) ) {
	/**
	 * Sanitize a text-align value against a fixed list.
	 *
	 * @param mixed $align Raw value.
	 * @return string An allowed alignment, or 'left'.
	 */
	function rx_sanitize_text_align( $align ) {
		$alignments = array_fill_keys(
			array( 'left', 'right', 'center', 'justify', 'start', 'end' ),
			true
		);

		return rx_sanitize_select( $align, $alignments, 'left' );
	}
}
if ( ! function_exists( 'rx_sanitize_display' ) ) {
	/**
	 * Sanitize a CSS display value against a fixed list.
	 *
	 * @param mixed $display Raw value.
	 * @return string An allowed display type, or 'block'.
	 */
	function rx_sanitize_display( $display ) {
		$display_types = array_fill_keys(
			array( 'none', 'block', 'inline', 'inline-block', 'flex', 'grid' ),
			true
		);

		return rx_sanitize_select( $display, $display_types, 'block' );
	}
}
if ( ! function_exists( 'rx_sanitize_layout' ) ) {
	/**
	 * Sanitize a page layout slug against a fixed list.
	 *
	 * @param mixed $layout Raw value.
	 * @return string An allowed layout, or 'right-sidebar'.
	 */
	function rx_sanitize_layout( $layout ) {
		$layouts = array_fill_keys(
			array( 'no-sidebar', 'left-sidebar', 'right-sidebar', 'full-width', 'boxed', 'wide' ),
			true
		);

		return rx_sanitize_select( $layout, $layouts, 'right-sidebar' );
	}
}
if ( ! function_exists( 'rx_sanitize_header_style' ) ) {
	/**
	 * Sanitize a header style slug against a fixed list.
	 *
	 * @param mixed $style Raw value.
	 * @return string An allowed header style, or 'default'.
	 */
	function rx_sanitize_header_style( $style ) {
		$header_styles = array_fill_keys(
			array( 'default', 'minimal', 'centered', 'transparent', 'sticky', 'modern' ),
			true
		);

		return rx_sanitize_select( $style, $header_styles, 'default' );
	}
}
if ( ! function_exists( 'rx_sanitize_footer_style' ) ) {
	/**
	 * Sanitize a footer style slug against a fixed list.
	 *
	 * @param mixed $style Raw value.
	 * @return string An allowed footer style, or 'default'.
	 */
	function rx_sanitize_footer_style( $style ) {
		$footer_styles = array_fill_keys(
			array( 'default', 'minimal', 'widgets', 'columns', 'modern' ),
			true
		);

		return rx_sanitize_select( $style, $footer_styles, 'default' );
	}
}
if ( ! function_exists( 'rx_sanitize_image_size' ) ) {
	/**
	 * Sanitize an image size name.
	 *
	 * Accepts the built-in size names plus every size reported by
	 * wp_get_registered_image_subsizes().
	 *
	 * @param mixed $size Raw size name.
	 * @return string The size name, or 'full' when it is not known.
	 */
	function rx_sanitize_image_size( $size ) {
		$size = sanitize_key( $size );

		$built_in   = array( 'thumbnail', 'medium', 'medium_large', 'large', 'full' );
		$registered = array_keys( wp_get_registered_image_subsizes() );
		$known      = array_merge( $built_in, $registered );

		if ( in_array( $size, $known, true ) ) {
			return $size;
		}

		return 'full';
	}
}
if ( ! function_exists( 'rx_sanitize_order' ) ) {
	/**
	 * Sanitize a sort direction.
	 *
	 * @param mixed $order Raw direction, any case; non-scalars are treated as ''.
	 * @return string 'ASC' or 'DESC'; anything unrecognised becomes 'DESC'.
	 */
	function rx_sanitize_order( $order ) {
		$raw       = is_scalar( $order ) ? (string) $order : '';
		$direction = strtoupper( sanitize_text_field( $raw ) );

		if ( in_array( $direction, array( 'ASC', 'DESC' ), true ) ) {
			return $direction;
		}

		return 'DESC';
	}
}
if ( ! function_exists( 'rx_sanitize_orderby' ) ) {
	/**
	 * Sanitize an orderby value against a fixed list.
	 *
	 * The comparison is exact and case-sensitive ('ID' is upper case).
	 *
	 * NOTE(review): 'rand' is on the list. If this value can come from a
	 * visitor, consider whether random ordering should be selectable.
	 *
	 * @param mixed $orderby Raw value; non-scalars are treated as ''.
	 * @return string An allowed orderby value, or 'date'.
	 */
	function rx_sanitize_orderby( $orderby ) {
		$sortable = array_fill_keys(
			array(
				'none',
				'ID',
				'author',
				'title',
				'name',
				'date',
				'modified',
				'parent',
				'rand',
				'comment_count',
				'menu_order',
				'post__in',
			),
			true
		);

		$requested = sanitize_text_field( is_scalar( $orderby ) ? (string) $orderby : '' );

		return isset( $sortable[ $requested ] ) ? $requested : 'date';
	}
}
if ( ! function_exists( 'rx_sanitize_pagination_type' ) ) {
	/**
	 * Sanitize a pagination type slug against a fixed list.
	 *
	 * @param mixed $type Raw value.
	 * @return string An allowed pagination type, or 'numeric'.
	 */
	function rx_sanitize_pagination_type( $type ) {
		$pagination_types = array_fill_keys(
			array( 'numeric', 'next-prev', 'load-more', 'infinite', 'none' ),
			true
		);

		return rx_sanitize_select( $type, $pagination_types, 'numeric' );
	}
}
if ( ! function_exists( 'rx_sanitize_social_network' ) ) {
	/**
	 * Sanitize a social network slug against a fixed list.
	 *
	 * @param mixed $network Raw value.
	 * @return string An allowed network slug, or '' when not recognised.
	 */
	function rx_sanitize_social_network( $network ) {
		$networks = array_fill_keys(
			array(
				'facebook',
				'twitter',
				'x',
				'instagram',
				'linkedin',
				'youtube',
				'pinterest',
				'tiktok',
				'github',
				'telegram',
				'whatsapp',
				'email',
				'website',
			),
			true
		);

		return rx_sanitize_select( $network, $networks, '' );
	}
}
if ( ! function_exists( 'rx_sanitize_phone' ) ) {
	/**
	 * Strip a phone number down to digits and common punctuation.
	 *
	 * Keeps digits, '+', '-', parentheses and whitespace. This filters
	 * characters only; it does not check that the result is a valid number.
	 *
	 * @param mixed $phone Raw phone number.
	 * @return string Filtered number, or '' for non-scalar input.
	 */
	function rx_sanitize_phone( $phone ) {
		if ( ! is_scalar( $phone ) ) {
			return '';
		}

		$trimmed = trim( (string) $phone );

		return preg_replace( '/[^0-9\+\-\(\)\s]/', '', $trimmed );
	}
}
if ( ! function_exists( 'rx_sanitize_whatsapp_number' ) ) {
	/**
	 * Reduce a WhatsApp number to its digits.
	 *
	 * @param mixed $number Raw number.
	 * @return string Digits only, or '' for non-scalar input.
	 */
	function rx_sanitize_whatsapp_number( $number ) {
		if ( is_scalar( $number ) ) {
			return preg_replace( '/[^0-9]/', '', (string) $number );
		}

		return '';
	}
}
if ( ! function_exists( 'rx_sanitize_latitude' ) ) {
	/**
	 * Clamp a latitude into the -90 to 90 range.
	 *
	 * @param mixed $lat Raw latitude; non-numeric input becomes 0.
	 * @return int|float
	 */
	function rx_sanitize_latitude( $lat ) {
		$south_pole = -90;
		$north_pole = 90;

		return rx_sanitize_number_range( $lat, $south_pole, $north_pole, 0 );
	}
}
if ( ! function_exists( 'rx_sanitize_longitude' ) ) {
	/**
	 * Clamp a longitude into the -180 to 180 range.
	 *
	 * @param mixed $lng Raw longitude; non-numeric input becomes 0.
	 * @return int|float
	 */
	function rx_sanitize_longitude( $lng ) {
		$west_limit = -180;
		$east_limit = 180;

		return rx_sanitize_number_range( $lng, $west_limit, $east_limit, 0 );
	}
}
if ( ! function_exists( 'rx_sanitize_csv_text' ) ) {
	/**
	 * Sanitize a comma-separated list of text items.
	 *
	 * Each item goes through rx_sanitize_text(); empty results are dropped and
	 * duplicates removed.
	 *
	 * @param mixed $input Comma-separated string or array of items.
	 * @return string Comma-joined list, '' when the input is neither.
	 */
	function rx_sanitize_csv_text( $input ) {
		if ( is_string( $input ) ) {
			$input = explode( ',', $input );
		}

		if ( ! is_array( $input ) ) {
			return '';
		}

		$items = array();
		foreach ( $input as $raw ) {
			$text = rx_sanitize_text( $raw );
			if ( '' === $text ) {
				continue;
			}
			$items[] = $text;
		}

		return implode( ',', array_unique( $items ) );
	}
}
if ( ! function_exists( 'rx_sanitize_csv_int' ) ) {
	/**
	 * Sanitize a comma-separated list of positive integers.
	 *
	 * Each item goes through absint(); zeros are dropped and duplicates
	 * removed. Because absint() takes the absolute value, a negative entry is
	 * kept as its positive counterpart rather than being rejected.
	 *
	 * @param mixed $input Comma-separated string or array of IDs.
	 * @return string Comma-joined list, '' when the input is neither.
	 */
	function rx_sanitize_csv_int( $input ) {
		if ( is_string( $input ) ) {
			$input = explode( ',', $input );
		}

		if ( ! is_array( $input ) ) {
			return '';
		}

		// array_filter() without a callback drops the zeros.
		$ids = array_filter( array_map( 'absint', $input ) );

		return implode( ',', array_unique( $ids ) );
	}
}
if ( ! function_exists( 'rx_verify_nonce' ) ) {
	/**
	 * Verify a WordPress nonce for an action.
	 *
	 * The result of wp_verify_nonce() is collapsed to a boolean. A nonce
	 * confirms that the request was intended; it is not a permission check,
	 * so pair this with current_user_can() for anything privileged.
	 *
	 * @param mixed      $nonce  Raw nonce value; non-scalars are treated as ''.
	 * @param string|int $action Action the nonce was created for.
	 * @return bool
	 */
	function rx_verify_nonce( $nonce, $action ) {
		$token = is_scalar( $nonce ) ? (string) $nonce : '';
		$token = sanitize_text_field( wp_unslash( $token ) );

		return (bool) wp_verify_nonce( $token, $action );
	}
}
if ( ! function_exists( 'rx_get_nonce_from_request' ) ) {
	/**
	 * Read a nonce field from the current request.
	 *
	 * The value is read from $_REQUEST and sanitized as text. It is not
	 * verified here; pass it to wp_verify_nonce() with the expected action.
	 *
	 * @param string $key Request field name.
	 * @return string The sanitized field value, or '' when the field is absent.
	 */
	function rx_get_nonce_from_request( $key = '_wpnonce' ) {
		$field = sanitize_key( $key );

		if ( isset( $_REQUEST[ $field ] ) ) {
			return sanitize_text_field( wp_unslash( $_REQUEST[ $field ] ) );
		}

		return '';
	}
}
if ( ! function_exists( 'rx_get_query_var_sanitized' ) ) {
	/**
	 * Read one $_GET parameter as sanitized text.
	 *
	 * The parameter name is normalized with sanitize_key(), so a name with
	 * upper-case letters is looked up in lower case. No nonce or capability
	 * check is made here; the value is sanitized for storage, not escaped
	 * for output.
	 *
	 * @param string $key     Parameter name.
	 * @param mixed  $default Returned as-is when the parameter is absent.
	 * @return mixed Sanitized string, or $default.
	 */
	function rx_get_query_var_sanitized( $key, $default = '' ) {
		$param = sanitize_key( $key );

		if ( isset( $_GET[ $param ] ) ) {
			return rx_sanitize_text( $_GET[ $param ] );
		}

		return $default;
	}
}
if ( ! function_exists( 'rx_get_post_var_sanitized' ) ) {
	/**
	 * Read one $_POST field as sanitized text.
	 *
	 * The field name is normalized with sanitize_key(), so a name with
	 * upper-case letters is looked up in lower case. No nonce or capability
	 * check is made here; callers handling a form submission must verify the
	 * nonce themselves before acting on the value.
	 *
	 * @param string $key     Field name.
	 * @param mixed  $default Returned as-is when the field is absent.
	 * @return mixed Sanitized string, or $default.
	 */
	function rx_get_post_var_sanitized( $key, $default = '' ) {
		$field = sanitize_key( $key );

		if ( isset( $_POST[ $field ] ) ) {
			return rx_sanitize_text( $_POST[ $field ] );
		}

		return $default;
	}
}
if ( ! function_exists( 'rx_sanitize_rest_param' ) ) {
	/**
	 * Sanitize a REST request parameter.
	 *
	 * Arrays are cleaned recursively; anything else is sanitized as
	 * single-line text.
	 *
	 * @param mixed $param Raw parameter value.
	 * @return array|string
	 */
	function rx_sanitize_rest_param( $param ) {
		return is_array( $param )
			? rx_sanitize_array_deep( $param )
			: rx_sanitize_text( $param );
	}
}
if ( ! function_exists( 'rx_rest_permission_logged_in' ) ) {
	/**
	 * REST permission callback: allow any logged-in user.
	 *
	 * This checks authentication only. Every account, whatever its role,
	 * passes; use a capability check for routes that change or expose
	 * anything role-specific.
	 *
	 * @return bool
	 */
	function rx_rest_permission_logged_in() {
		$is_authenticated = is_user_logged_in();

		return $is_authenticated;
	}
}
if ( ! function_exists( 'rx_rest_permission_manage_options' ) ) {
	/**
	 * REST permission callback: allow users with 'manage_options'.
	 *
	 * @return bool
	 */
	function rx_rest_permission_manage_options() {
		$can_manage = current_user_can( 'manage_options' );

		return $can_manage;
	}
}
if ( ! function_exists( 'rx_sanitize_meta_key' ) ) {
	/**
	 * Strip a meta key down to ASCII letters, digits, '_' and '-'.
	 *
	 * Case is preserved. A leading underscore is kept, so this alone does not
	 * stop a caller-supplied key from naming a protected (underscore-prefixed)
	 * meta entry.
	 *
	 * @param mixed $key Raw meta key; non-scalars are treated as ''.
	 * @return string
	 */
	function rx_sanitize_meta_key( $key ) {
		$raw = '';
		if ( is_scalar( $key ) ) {
			$raw = (string) $key;
		}

		return preg_replace( '/[^a-zA-Z0-9_\-]/', '', $raw );
	}
}
if ( ! function_exists( 'rx_sanitize_meta_value' ) ) {
	/**
	 * Sanitize a meta value according to its type.
	 *
	 * Arrays are cleaned recursively, booleans normalized, numeric values
	 * converted to int/float and everything else sanitized as multi-line
	 * text. Numeric strings lose their original form (for example leading
	 * zeros) in the conversion.
	 *
	 * @param mixed $value Raw meta value.
	 * @return array|bool|int|float|string
	 */
	function rx_sanitize_meta_value( $value ) {
		if ( is_array( $value ) ) {
			return rx_sanitize_array_deep( $value );
		}

		if ( is_bool( $value ) ) {
			return rx_sanitize_bool( $value );
		}

		// Adding zero converts a numeric string to int or float.
		return is_numeric( $value ) ? $value + 0 : rx_sanitize_textarea( $value );
	}
}
if ( ! function_exists( 'rx_sanitize_query_args' ) ) {
	/**
	 * Reduce query arguments to a fixed set of sanitized keys.
	 *
	 * Only the keys handled below are copied; every other key is dropped.
	 *
	 * NOTE(review): points to confirm before feeding visitor input through
	 * this helper:
	 * - 'posts_per_page' may be -1, which asks for every matching post.
	 * - 'post_type' accepts any registered post type, public or not.
	 * - 'cat' goes through absint(), so a negative (exclusion) ID comes out
	 *   as a positive (inclusion) ID.
	 * - 'post__in' / 'post__not_in' entries are cast with absint() and an
	 *   empty list is passed on as an empty list.
	 *
	 * @param mixed $args Raw query arguments.
	 * @return array Sanitized subset; empty when $args is not an array.
	 */
	function rx_sanitize_query_args( $args ) {
		if ( ! is_array( $args ) ) {
			return array();
		}

		$query = array();

		if ( isset( $args['post_type'] ) ) {
			$query['post_type'] = is_array( $args['post_type'] )
				? array_filter( array_map( 'rx_sanitize_post_type', $args['post_type'] ) )
				: rx_sanitize_post_type( $args['post_type'] );
		}

		if ( isset( $args['posts_per_page'] ) ) {
			$query['posts_per_page'] = rx_sanitize_int_range( $args['posts_per_page'], -1, 100, 10 );
		}

		if ( isset( $args['paged'] ) ) {
			$query['paged'] = max( 1, absint( $args['paged'] ) );
		}

		if ( isset( $args['order'] ) ) {
			$query['order'] = rx_sanitize_order( $args['order'] );
		}

		if ( isset( $args['orderby'] ) ) {
			$query['orderby'] = rx_sanitize_orderby( $args['orderby'] );
		}

		if ( isset( $args['cat'] ) ) {
			$query['cat'] = rx_sanitize_csv_int( $args['cat'] );
		}

		if ( isset( $args['category_name'] ) ) {
			$query['category_name'] = rx_sanitize_slug( $args['category_name'] );
		}

		if ( isset( $args['s'] ) ) {
			$query['s'] = rx_sanitize_text( $args['s'] );
		}

		// ID lists are only accepted as arrays; other shapes are ignored.
		foreach ( array( 'post__in', 'post__not_in' ) as $list_key ) {
			if ( isset( $args[ $list_key ] ) && is_array( $args[ $list_key ] ) ) {
				$query[ $list_key ] = array_map( 'absint', $args[ $list_key ] );
			}
		}

		return $query;
	}
}
if ( ! function_exists( 'rx_sanitize_schema_type' ) ) {
	/**
	 * Sanitize a schema type name against a fixed list.
	 *
	 * The comparison is exact and case-sensitive.
	 *
	 * @param mixed $type Raw type; non-scalars are treated as ''.
	 * @return string An allowed type, or 'WebPage'.
	 */
	function rx_sanitize_schema_type( $type ) {
		$schema_types = array_fill_keys(
			array(
				'WebSite',
				'WebPage',
				'Article',
				'MedicalWebPage',
				'BlogPosting',
				'NewsArticle',
				'FAQPage',
				'BreadcrumbList',
				'Organization',
				'Person',
				'LocalBusiness',
				'MedicalCondition',
			),
			true
		);

		$requested = sanitize_text_field( is_scalar( $type ) ? (string) $type : '' );

		return isset( $schema_types[ $requested ] ) ? $requested : 'WebPage';
	}
}
if ( ! function_exists( 'rx_sanitize_robots_directive' ) ) {
	/**
	 * Sanitize a robots directive against a fixed list.
	 *
	 * The whole string must equal one of the listed entries; combinations
	 * other than those listed are not accepted.
	 *
	 * @param mixed $directive Raw directive; non-scalars are treated as ''.
	 * @return string An allowed directive, or 'index,follow'.
	 */
	function rx_sanitize_robots_directive( $directive ) {
		$directives = array_fill_keys(
			array(
				'index,follow',
				'noindex,follow',
				'index,nofollow',
				'noindex,nofollow',
				'max-snippet:-1',
				'max-image-preview:large',
				'max-video-preview:-1',
			),
			true
		);

		$requested = sanitize_text_field( is_scalar( $directive ) ? (string) $directive : '' );

		return isset( $directives[ $requested ] ) ? $requested : 'index,follow';
	}
}
if ( ! function_exists( 'rx_sanitize_og_type' ) ) {
	/**
	 * Sanitize an Open Graph type against a fixed list.
	 *
	 * @param mixed $type Raw value.
	 * @return string An allowed type, or 'website'.
	 */
	function rx_sanitize_og_type( $type ) {
		$og_types = array_fill_keys(
			array( 'website', 'article', 'profile', 'book', 'video', 'music' ),
			true
		);

		return rx_sanitize_select( $type, $og_types, 'website' );
	}
}
if ( ! function_exists( 'rx_sanitize_twitter_card' ) ) {
	/**
	 * Sanitize a Twitter card type against a fixed list.
	 *
	 * @param mixed $card Raw value.
	 * @return string An allowed card type, or 'summary_large_image'.
	 */
	function rx_sanitize_twitter_card( $card ) {
		$card_types = array_fill_keys(
			array( 'summary', 'summary_large_image', 'app', 'player' ),
			true
		);

		return rx_sanitize_select( $card, $card_types, 'summary_large_image' );
	}
}
if ( ! function_exists( 'rx_sanitize_link_target' ) ) {
	/**
	 * Sanitize a link target attribute against a fixed list.
	 *
	 * When '_blank' is used, templates should also emit a rel value such as
	 * 'noopener' on the same link.
	 *
	 * @param mixed $target Raw value.
	 * @return string An allowed target, or '_self'.
	 */
	function rx_sanitize_link_target( $target ) {
		$targets = array_fill_keys(
			array( '_self', '_blank', '_top', '_parent' ),
			true
		);

		return rx_sanitize_select( $target, $targets, '_self' );
	}
}
if ( ! function_exists( 'rx_sanitize_link_rel' ) ) {
	/**
	 * Sanitize a rel attribute to a fixed list of tokens.
	 *
	 * A string is split on whitespace. Each token is normalized with
	 * sanitize_key() and kept only when it is on the list; duplicates are
	 * removed.
	 *
	 * @param mixed $rel Space-separated string or array of tokens.
	 * @return string Space-separated accepted tokens, '' when the input is neither.
	 */
	function rx_sanitize_link_rel( $rel ) {
		if ( is_string( $rel ) ) {
			$rel = preg_split( '/\s+/', $rel );
		}

		if ( ! is_array( $rel ) ) {
			return '';
		}

		$known_tokens = array(
			'noopener',
			'noreferrer',
			'nofollow',
			'sponsored',
			'ugc',
			'external',
			'author',
			'bookmark',
			'help',
			'license',
			'next',
			'prev',
		);

		$accepted = array();
		foreach ( $rel as $raw ) {
			$token = sanitize_key( $raw );
			if ( ! in_array( $token, $known_tokens, true ) ) {
				continue;
			}
			$accepted[] = $token;
		}

		return implode( ' ', array_unique( $accepted ) );
	}
}
if ( ! function_exists( 'rx_sanitize_loading_attr' ) ) {
	/**
	 * Sanitize a loading attribute against a fixed list.
	 *
	 * NOTE(review): 'auto' is accepted here; confirm it is a value the
	 * templates should emit, since the HTML attribute is normally 'lazy' or
	 * 'eager'.
	 *
	 * @param mixed $loading Raw value.
	 * @return string An allowed value, or 'lazy'.
	 */
	function rx_sanitize_loading_attr( $loading ) {
		$modes = array_fill_keys( array( 'lazy', 'eager', 'auto' ), true );

		return rx_sanitize_select( $loading, $modes, 'lazy' );
	}
}
if ( ! function_exists( 'rx_sanitize_decoding_attr' ) ) {
	/**
	 * Sanitize a decoding attribute against a fixed list.
	 *
	 * @param mixed $decoding Raw value.
	 * @return string An allowed value, or 'async'.
	 */
	function rx_sanitize_decoding_attr( $decoding ) {
		$modes = array_fill_keys( array( 'async', 'sync', 'auto' ), true );

		return rx_sanitize_select( $decoding, $modes, 'async' );
	}
}
if ( ! function_exists( 'rx_sanitize_fetchpriority_attr' ) ) {
	/**
	 * Sanitize a fetchpriority attribute against a fixed list.
	 *
	 * @param mixed $priority Raw value.
	 * @return string An allowed value, or 'auto'.
	 */
	function rx_sanitize_fetchpriority_attr( $priority ) {
		$priorities = array_fill_keys( array( 'high', 'low', 'auto' ), true );

		return rx_sanitize_select( $priority, $priorities, 'auto' );
	}
}
if ( ! function_exists( 'rx_sanitize_script_strategy' ) ) {
	/**
	 * Sanitize a script loading strategy against a fixed list.
	 *
	 * @param mixed $strategy Raw value.
	 * @return string An allowed strategy, or 'defer'.
	 */
	function rx_sanitize_script_strategy( $strategy ) {
		$strategies = array_fill_keys( array( 'defer', 'async', 'none' ), true );

		return rx_sanitize_select( $strategy, $strategies, 'defer' );
	}
}
if ( ! function_exists( 'rx_sanitize_crossorigin' ) ) {
	/**
	 * Sanitize a crossorigin attribute against a fixed list.
	 *
	 * The empty string is an accepted value and is returned as ''. Anything
	 * not on the list becomes 'anonymous'.
	 *
	 * @param mixed $value Raw value; non-scalars are treated as ''.
	 * @return string
	 */
	function rx_sanitize_crossorigin( $value ) {
		$modes = array_fill_keys( array( 'anonymous', 'use-credentials', '' ), true );

		$requested = sanitize_text_field( is_scalar( $value ) ? (string) $value : '' );

		return isset( $modes[ $requested ] ) ? $requested : 'anonymous';
	}
}
if ( ! function_exists( 'rx_sanitize_referrerpolicy' ) ) {
	/**
	 * Sanitize a referrer policy against a fixed list.
	 *
	 * 'unsafe-url' is on the list; it is accepted only when explicitly
	 * submitted. Anything unrecognised falls back to
	 * 'strict-origin-when-cross-origin'.
	 *
	 * @param mixed $policy Raw value.
	 * @return string
	 */
	function rx_sanitize_referrerpolicy( $policy ) {
		$policies = array_fill_keys(
			array(
				'no-referrer',
				'no-referrer-when-downgrade',
				'origin',
				'origin-when-cross-origin',
				'same-origin',
				'strict-origin',
				'strict-origin-when-cross-origin',
				'unsafe-url',
			),
			true
		);

		return rx_sanitize_select( $policy, $policies, 'strict-origin-when-cross-origin' );
	}
}
/**
 * Sanitize the `as` value of a preload link.
 *
 * Delegates to rx_sanitize_select() with the destinations listed below as the
 * permitted choices and 'script' as the fallback.
 *
 * @param mixed $as Candidate `as` value.
 * @return mixed Result of rx_sanitize_select() for these choices.
 */
if ( ! function_exists( 'rx_sanitize_preload_as' ) ) {
    function rx_sanitize_preload_as( $as ) {
        $destinations = array(
            'audio',
            'document',
            'embed',
            'fetch',
            'font',
            'image',
            'object',
            'script',
            'style',
            'track',
            'video',
            'worker',
        );
        $choices      = array_fill_keys( $destinations, true );

        return rx_sanitize_select( $as, $choices, 'script' );
    }
}
/**
 * Sanitize a MIME type string.
 *
 * Non-scalar input is treated as an empty string; everything else is cast to
 * string and handed to sanitize_mime_type().
 *
 * This only cleans the characters of the string. Nothing here compares the
 * result with a list of permitted types, so it is not an upload or content
 * type check on its own.
 *
 * @param mixed $mime Candidate MIME type.
 * @return string Result of sanitize_mime_type().
 */
if ( ! function_exists( 'rx_sanitize_mime_type' ) ) {
    function rx_sanitize_mime_type( $mime ) {
        if ( ! is_scalar( $mime ) ) {
            $mime = '';
        }

        return sanitize_mime_type( (string) $mime );
    }
}
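/**
 * Sanitize a Subresource Integrity (SRI) `integrity` value.
 *
 * Accepts one or more whitespace-separated tokens of the form
 * `<algorithm>-<base64 digest>` where the algorithm is sha256, sha384 or
 * sha512. Each digest must be well-formed base64 (padding only at the end)
 * and must decode to exactly the digest size of its algorithm, so truncated
 * or padded-out values are rejected instead of being stored.
 *
 * If any token fails, the whole value is rejected: a partly valid integrity
 * string is more likely a mistake than an intent.
 *
 * @param mixed $integrity Candidate integrity value.
 * @return string Tokens joined by single spaces, or '' when the input is
 *                empty, non-scalar or invalid.
 */
if ( ! function_exists( 'rx_sanitize_sri_integrity' ) ) {
    function rx_sanitize_sri_integrity( $integrity ) {
        $integrity = trim( is_scalar( $integrity ) ? (string) $integrity : '' );
        if ( '' === $integrity ) {
            return '';
        }

        // Raw digest length, in bytes, of each supported algorithm.
        $digest_bytes = array(
            'sha256' => 32,
            'sha384' => 48,
            'sha512' => 64,
        );

        $tokens = preg_split( '/\s+/', $integrity, -1, PREG_SPLIT_NO_EMPTY );
        if ( ! is_array( $tokens ) || array() === $tokens ) {
            return '';
        }

        $clean = array();
        foreach ( $tokens as $token ) {
            // \z (not $) so a trailing newline can never slip through.
            if ( ! preg_match( '/^(sha256|sha384|sha512)-([A-Za-z0-9+\/]+={0,2})\z/', $token, $parts ) ) {
                return '';
            }

            $decoded = base64_decode( $parts[2], true );
            if ( false === $decoded || strlen( $decoded ) !== $digest_bytes[ $parts[1] ] ) {
                return '';
            }

            $clean[] = $token;
        }

        return implode( ' ', array_unique( $clean ) );
    }
}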
/**
 * Sanitize one CDN asset definition.
 *
 * Always returns the same set of keys. A key that is present (and not null)
 * in $item is passed through its dedicated sanitizer; a missing key gets the
 * default listed in $clean below. A non-array $item yields an empty array.
 *
 * Review notes:
 * - 'url' relies on rx_sanitize_url(), which is defined elsewhere in this
 *   file; which schemes it permits is not visible here. TODO confirm.
 * - 'integrity' is '' both when it is absent and when it is rejected, so a
 *   caller that requires SRI has to treat '' as "no integrity supplied".
 * - The values are cleaned for storage, not escaped. Escape each one for its
 *   context at the point where it is printed.
 *
 * @param mixed $item Raw asset definition.
 * @return array Sanitized asset definition, or an empty array.
 */
if ( ! function_exists( 'rx_sanitize_asset_item' ) ) {
    function rx_sanitize_asset_item( $item ) {
        if ( ! is_array( $item ) ) {
            return array();
        }

        // Defaults, in the key order of the returned array.
        $clean = array(
            'handle'         => '',
            'url'            => '',
            'type'           => 'script',
            'deps'           => '',
            'version'        => '',
            'strategy'       => 'defer',
            'media'          => 'all',
            'in_footer'      => 1,
            'crossorigin'    => 'anonymous',
            'integrity'      => '',
            'referrerpolicy' => '',
            'enabled'        => 1,
        );

        // One-argument sanitizer per field; 'type' is handled separately below.
        $sanitizers = array(
            'handle'         => 'rx_sanitize_key',
            'url'            => 'rx_sanitize_url',
            'type'           => 'rx_sanitize_select',
            'deps'           => 'rx_sanitize_csv_text',
            'version'        => 'rx_sanitize_text',
            'strategy'       => 'rx_sanitize_script_strategy',
            'media'          => 'rx_sanitize_text',
            'in_footer'      => 'rx_sanitize_checkbox',
            'crossorigin'    => 'rx_sanitize_crossorigin',
            'integrity'      => 'rx_sanitize_sri_integrity',
            'referrerpolicy' => 'rx_sanitize_referrerpolicy',
            'enabled'        => 'rx_sanitize_checkbox',
        );

        foreach ( $sanitizers as $field => $callback ) {
            if ( ! isset( $item[ $field ] ) ) {
                continue;
            }

            if ( 'type' === $field ) {
                // The asset kind is a closed list; unknown kinds become 'script'.
                $kinds          = array(
                    'script'       => true,
                    'style'        => true,
                    'preload'      => true,
                    'preconnect'   => true,
                    'dns-prefetch' => true,
                );
                $clean['type'] = rx_sanitize_select( $item['type'], $kinds, 'script' );
                continue;
            }

            $clean[ $field ] = $callback( $item[ $field ] );
        }

        return $clean;
    }
}
/**
 * Sanitize a list of CDN asset definitions.
 *
 * A string is first converted with rx_sanitize_json_to_array(). Every entry is
 * then run through rx_sanitize_asset_item(), and entries that end up without
 * a 'url' or without a 'handle' are dropped. The result is re-indexed from 0.
 *
 * @param mixed $items Array of raw asset definitions, or a JSON string.
 * @return array List of sanitized asset definitions (possibly empty).
 */
if ( ! function_exists( 'rx_sanitize_asset_items' ) ) {
    function rx_sanitize_asset_items( $items ) {
        $list = is_string( $items ) ? rx_sanitize_json_to_array( $items ) : $items;

        if ( ! is_array( $list ) ) {
            return array();
        }

        $kept = array();
        foreach ( $list as $raw ) {
            $asset = rx_sanitize_asset_item( $raw );

            // An asset is unusable without both a handle and a URL.
            if ( empty( $asset['url'] ) || empty( $asset['handle'] ) ) {
                continue;
            }

            $kept[] = $asset;
        }

        return $kept;
    }
}
/**
 * Escape a value for use inside an HTML attribute.
 *
 * Thin wrapper around esc_attr(). It fits ordinary attribute values; URL
 * attributes such as href and src need URL escaping instead (see esc_url()),
 * and it does not make a value safe inside an inline event handler or a
 * script block.
 *
 * @param mixed $value Value to escape.
 * @return string Result of esc_attr().
 */
if ( ! function_exists( 'rx_attr' ) ) {
    function rx_attr( $value ) {
        $escaped = esc_attr( $value );

        return $escaped;
    }
}
/**
 * Escape a value for use as text inside an HTML element.
 *
 * Thin wrapper around esc_html(). Any markup in the value is shown as text
 * rather than rendered.
 *
 * @param mixed $value Value to escape.
 * @return string Result of esc_html().
 */
if ( ! function_exists( 'rx_html' ) ) {
    function rx_html( $value ) {
        $escaped = esc_html( $value );

        return $escaped;
    }
}
/**
 * Escape a URL for output in HTML.
 *
 * Thin wrapper around esc_url(), intended for href, src and similar
 * attributes. For a URL that is stored or used in a redirect rather than
 * printed, WordPress provides esc_url_raw() / sanitize_url() instead.
 *
 * @param mixed $value URL to escape.
 * @return string Result of esc_url().
 */
if ( ! function_exists( 'rx_url' ) ) {
    function rx_url( $value ) {
        $escaped = esc_url( $value );

        return $escaped;
    }
}
/**
 * Escape a value for output between <textarea> tags.
 *
 * Thin wrapper around esc_textarea().
 *
 * @param mixed $value Value to escape.
 * @return string Result of esc_textarea().
 */
if ( ! function_exists( 'rx_textarea' ) ) {
    function rx_textarea( $value ) {
        $escaped = esc_textarea( $value );

        return $escaped;
    }
}
/**
 * Filter HTML down to the tags and attributes allowed in post content.
 *
 * Thin wrapper around wp_kses_post(). Unlike the esc_* helpers this keeps
 * permitted markup, so use it only where HTML is meant to be rendered.
 *
 * @param mixed $value HTML to filter.
 * @return string Result of wp_kses_post().
 */
if ( ! function_exists( 'rx_kses_post' ) ) {
    function rx_kses_post( $value ) {
        $filtered = wp_kses_post( $value );

        return $filtered;
    }
}
/**
 * Print a value escaped for use inside an HTML attribute.
 *
 * Output counterpart of esc_attr(): the escaped string is written directly
 * to the page and nothing is returned.
 *
 * @param mixed $value Value to escape and print.
 */
if ( ! function_exists( 'rx_the_attr' ) ) {
    function rx_the_attr( $value ) {
        print esc_attr( $value );
    }
}
/**
 * Print a value escaped as HTML text.
 *
 * Output counterpart of esc_html(): the escaped string is written directly
 * to the page and nothing is returned.
 *
 * @param mixed $value Value to escape and print.
 */
if ( ! function_exists( 'rx_the_html' ) ) {
    function rx_the_html( $value ) {
        print esc_html( $value );
    }
}
/**
 * Print a URL escaped for output in HTML.
 *
 * Output counterpart of esc_url(): the escaped URL is written directly to
 * the page and nothing is returned.
 *
 * @param mixed $value URL to escape and print.
 */
if ( ! function_exists( 'rx_the_url' ) ) {
    function rx_the_url( $value ) {
        print esc_url( $value );
    }
}
/**
 * Print HTML filtered to what post content may contain.
 *
 * Output counterpart of wp_kses_post(): the filtered markup is written
 * directly to the page and nothing is returned.
 *
 * @param mixed $value HTML to filter and print.
 */
if ( ! function_exists( 'rx_the_kses_post' ) ) {
    function rx_the_kses_post( $value ) {
        print wp_kses_post( $value );
    }
}
/**
 * Print the body class attribute with extra classes sanitized first.
 *
 * A string is split on whitespace; anything that is neither a string nor an
 * array is treated as "no extra classes". Each entry goes through
 * rx_sanitize_html_class(), entries that come back empty are dropped, and the
 * rest is handed to body_class().
 *
 * @param mixed $classes Extra class names, as an array or a
 *                       whitespace-separated string.
 */
if ( ! function_exists( 'rx_safe_body_class' ) ) {
    function rx_safe_body_class( $classes = array() ) {
        if ( is_string( $classes ) ) {
            $classes = preg_split( '/\s+/', $classes );
        }

        $safe = array();
        if ( is_array( $classes ) ) {
            foreach ( $classes as $index => $class ) {
                $candidate = rx_sanitize_html_class( $class );
                if ( $candidate ) {
                    $safe[ $index ] = $candidate;
                }
            }
        }

        body_class( $safe );
    }
}
/**
 * Print the post class attribute with extra classes sanitized first.
 *
 * A string is split on whitespace; anything that is neither a string nor an
 * array is treated as "no extra classes". Each entry goes through
 * rx_sanitize_html_class(), entries that come back empty are dropped, and the
 * rest is handed to post_class() together with $post_id.
 *
 * @param mixed $classes Extra class names, as an array or a
 *                       whitespace-separated string.
 * @param mixed $post_id Passed through to post_class() unchanged.
 */
if ( ! function_exists( 'rx_safe_post_class' ) ) {
    function rx_safe_post_class( $classes = array(), $post_id = null ) {
        if ( is_string( $classes ) ) {
            $classes = preg_split( '/\s+/', $classes );
        }

        $safe = array();
        if ( is_array( $classes ) ) {
            foreach ( $classes as $index => $class ) {
                $candidate = rx_sanitize_html_class( $class );
                if ( $candidate ) {
                    $safe[ $index ] = $candidate;
                }
            }
        }

        post_class( $safe, $post_id );
    }
}
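/**
 * Sanitize a Customizer "dropdown pages" value.
 *
 * The value is reduced to a non-negative integer and accepted only when a
 * post with that ID exists and has the 'publish' status. Otherwise the
 * setting's default is returned, or 0 when no usable setting was passed.
 *
 * NOTE(review): only the post status is checked, not the post type, so the ID
 * of any published post passes. Confirm whether that is intended.
 *
 * @param mixed       $page_id Submitted page ID.
 * @param object|null $setting Customizer setting the value belongs to.
 * @return mixed The validated page ID, the setting default, or 0.
 */
if ( ! function_exists( 'rx_sanitize_dropdown_pages' ) ) {
    function rx_sanitize_dropdown_pages( $page_id, $setting = null ) {
        $page_id = absint( $page_id );

        if ( $page_id && 'publish' === get_post_status( $page_id ) ) {
            return $page_id;
        }

        // `default` is a property of the setting object, not a method, so it
        // is tested with isset() like the other Customizer sanitizers here.
        if ( is_object( $setting ) && isset( $setting->default ) ) {
            return $setting->default;
        }

        return 0;
    }
}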
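/**
 * Customizer active callback: is the control's own setting switched on?
 *
 * Looks up the setting whose ID equals the control's ID and passes its value
 * through rx_sanitize_bool(). Returns false instead of raising a fatal error
 * when the control is not a usable object or when no setting with that ID is
 * registered.
 *
 * @param object $control Customizer control being evaluated.
 * @return mixed Result of rx_sanitize_bool(), or false when the setting
 *               cannot be resolved.
 */
if ( ! function_exists( 'rx_customizer_is_enabled' ) ) {
    function rx_customizer_is_enabled( $control ) {
        if ( ! is_object( $control ) || ! isset( $control->manager, $control->id ) ) {
            return false;
        }

        // get_setting() returns nothing when the ID is unknown, so the result
        // must be checked before value() is called on it.
        $setting = $control->manager->get_setting( $control->id );
        if ( ! is_object( $setting ) ) {
            return false;
        }

        return rx_sanitize_bool( $setting->value() );
    }
}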
/**
 * Sanitize a Customizer image value.
 *
 * The value is passed through rx_sanitize_image_url(). When that yields an
 * empty result, the setting's default is returned instead, or '' when no
 * setting (or no default) is available.
 *
 * @param mixed       $image   Submitted image URL.
 * @param object|null $setting Customizer setting the value belongs to.
 * @return mixed The sanitized URL, the setting default, or ''.
 */
if ( ! function_exists( 'rx_sanitize_customizer_image' ) ) {
    function rx_sanitize_customizer_image( $image, $setting = null ) {
        $clean = rx_sanitize_image_url( $image );

        if ( ! $clean ) {
            return ( $setting && isset( $setting->default ) ) ? $setting->default : '';
        }

        return $clean;
    }
}
/**
 * Sanitize a Customizer file value.
 *
 * The value is passed through rx_sanitize_url(). When that yields an empty
 * result, the setting's default is returned instead, or '' when no setting
 * (or no default) is available.
 *
 * NOTE(review): this validates the value as a URL only. Nothing here checks
 * the file type or that the URL points at an uploaded attachment.
 *
 * @param mixed       $file    Submitted file URL.
 * @param object|null $setting Customizer setting the value belongs to.
 * @return mixed The sanitized URL, the setting default, or ''.
 */
if ( ! function_exists( 'rx_sanitize_customizer_file' ) ) {
    function rx_sanitize_customizer_file( $file, $setting = null ) {
        $clean = rx_sanitize_url( $file );

        if ( ! $clean ) {
            return ( $setting && isset( $setting->default ) ) ? $setting->default : '';
        }

        return $clean;
    }
}
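/**
 * General-purpose sanitization switcher.
 *
 * Routes $value to the rx_sanitize_* helper that matches $type. Recognised
 * types: textarea, html, basic_html, url, email, int, absint, float, bool,
 * checkbox, slug, key, hex, rgba, css_unit, css_spacing, json, array, select,
 * range and text. Anything else is handled as 'text', the strictest default.
 *
 * $type must be a string. `switch` compares loosely, so without the guard
 * below a non-string type such as `true` would match the first case and pick
 * the textarea sanitizer instead of the text fallback.
 *
 * The helpers clean values for storage. Output still has to be escaped for
 * its context when it is printed.
 *
 * @param mixed  $value Value to sanitize.
 * @param string $type  Sanitizer name; see the list above.
 * @param array  $args  Extra options: 'choices' and 'default' for 'select';
 *                      'min', 'max' and 'default' for 'range'.
 * @return mixed Whatever the selected helper returns.
 */
if ( ! function_exists( 'rx_sanitize_by_type' ) ) {
    function rx_sanitize_by_type( $value, $type = 'text', $args = array() ) {
        // Force exact string matching in the switch below.
        if ( ! is_string( $type ) ) {
            $type = 'text';
        }

        switch ( $type ) {
            case 'textarea':
                return rx_sanitize_textarea( $value );

            case 'html':
                return rx_sanitize_html( $value );

            case 'basic_html':
                return rx_sanitize_basic_html( $value );

            case 'url':
                return rx_sanitize_url( $value );

            case 'email':
                return rx_sanitize_email( $value );

            case 'int':
                return rx_sanitize_int( $value );

            case 'absint':
                return rx_sanitize_absint( $value );

            case 'float':
                return rx_sanitize_float( $value );

            case 'bool':
                return rx_sanitize_bool( $value );

            case 'checkbox':
                return rx_sanitize_checkbox( $value );

            case 'slug':
                return rx_sanitize_slug( $value );

            case 'key':
                return rx_sanitize_key( $value );

            case 'hex':
                return rx_sanitize_hex_color( $value );

            case 'rgba':
                return rx_sanitize_rgba_color( $value );

            case 'css_unit':
                return rx_sanitize_css_unit( $value );

            case 'css_spacing':
                return rx_sanitize_css_spacing( $value );

            case 'json':
                return rx_sanitize_json( $value );

            case 'array':
                return rx_sanitize_array_deep( $value );

            case 'select':
                // With no 'choices' supplied the allow-list is empty.
                $choices = isset( $args['choices'] ) ? $args['choices'] : array();
                $default = isset( $args['default'] ) ? $args['default'] : '';
                return rx_sanitize_select( $value, $choices, $default );

            case 'range':
                $min     = isset( $args['min'] ) ? $args['min'] : 0;
                $max     = isset( $args['max'] ) ? $args['max'] : 999999;
                $default = isset( $args['default'] ) ? $args['default'] : 0;
                return rx_sanitize_number_range( $value, $min, $max, $default );

            case 'text':
            default:
                return rx_sanitize_text( $value );
        }
    }
}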
Example use in Customizer
// Needs $wp_customize in scope (presumably inside a `customize_register`
// callback; confirm against the theme's Customizer setup).
// Each setting names a sanitize_callback, so a submitted value is cleaned by
// that function before it is stored.
// NOTE(review): rx_sanitize_header_style() is not among the helpers shown in
// this part of the file; make sure it is defined before relying on it.
$wp_customize->add_setting(
'rx_header_style',
array(
'default' => 'default',
'sanitize_callback' => 'rx_sanitize_header_style',
)
);
// Colour option: the callback is the theme's hex colour sanitizer.
$wp_customize->add_setting(
'rx_primary_color',
array(
'default' => '#0d6efd',
'sanitize_callback' => 'rx_sanitize_hex_color',
)
);
// On/off option: the callback is the theme's checkbox sanitizer.
$wp_customize->add_setting(
'rx_enable_sticky_header',
array(
'default' => 1,
'sanitize_callback' => 'rx_sanitize_checkbox',
)
);
Example use in template files
<?php /* Escape at the point of output, with the helper that matches the context: element text, URL attribute, class attribute. */ ?>
<h1><?php rx_the_html( get_the_title() ); ?></h1>
<a href="<?php rx_the_url( get_permalink() ); ?>" class="<?php rx_the_attr( rx_sanitize_html_classes( 'rx-btn rx-primary' ) ); ?>">
<?php esc_html_e( 'Read More', 'rx-theme' ); ?>
</a>
Important security note
For normal theme options, use strict functions like:
rx_sanitize_text()
rx_sanitize_textarea()
rx_sanitize_url()
rx_sanitize_hex_color()
rx_sanitize_checkbox()
rx_sanitize_select()
For raw JavaScript or tracking code, only use:
rx_sanitize_script_code()
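because it only accepts the value from users who have the unfiltered_html capability. This is safer for admin-only script areas. Keep in mind that this is a permission check rather than a filter on the code itself: whatever such a user saves is presumably output as written, so also restrict the setting with the same capability (the `capability` argument of add_setting()) and keep these fields out of options that lower-privileged roles can edit.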