Tagged: ,

Viewing 4 reply threads
  • Author
    Posts
    • August 5, 2014 at 10:30 am #2150
      Jason
      Keymaster

      Greetings!

      piklist('field', array(
  'description' => 'Paste embed iframe html here',
  'type'      => 'text',
  'field'     => 'design-video',
  'label'     => 'Video Url',
  'columns'   => 12,
  'validate'  => array(
    array(
      'type'    => 'html'
    )
  )
));

      The above validation always returns false, notifying that the field is not valid html. I checked the regex being used against what I’m entering, and it matches. Even a simple “<div></div>” fails.

      Also, on a side note, for page with a lot of meta-boxes and such, it’d be helpful for the end-user if the error notification included the name of the meta-box the field is in.

      Thanks!

    • August 5, 2014 at 3:55 pm #2160
      Steve
      Keymaster

      @jason– Piklist uses a regular expression to validate, and apparently it’s not correct.

      But another thought is whether or not this is needed. Do you need to validate HTML, or do you want to SANITIZE it? Piklist already includes the ability to sanitize using wp_kses_post.

      Should we pull HTML validation from Piklist and leave the sanitization?

    • August 5, 2014 at 4:02 pm #2162
      Jason
      Keymaster

      You know, I actually went a different direction with this. I was providing a field for an embedded youtube video that would take the iframe html YouTube provides… but I really didn’t like the idea of having the user copy and paste that in, especially since I don’t know what options/size they’re selecting.

      So what I did instead is write regex that takes either the full or short youtube url, and extracts the video id from the url. I then use that to build the iframe html myself.

      I think you’re safe pulling the validation. For the most part content will be sanitized, not validated as html. Outside of this instance (which I didn’t like), I’ve never had a moment wherein I wanted the user entering html. Kind of goes against the philosophy of Piklist, I think.

      For the record, though, I went into the Piklist code, grabbed the html regex, and it worked just fine elsewhere. I’m not sure what the problem was.

    • August 5, 2014 at 4:21 pm #2165
      Marcus
      Member

      I really don’t think html validation is important. Only the ability to create your own callbacks and regex yourself.
      After all trying to support all the possible ways to validate would be a waste of your collective time and brain power.
      The usa uses zipcode, we use postal, phones validate differently internationally, etc. Only the basics are needed.
      Email, url, Text, Numeric, Alphanumeric, these are standard the world over.
      The rest should be left up to the community as maybe a plugin or addon we can create and upload to a central location for the communities use.

      I’ve even had to create validation that checks for Chinese characters and reminds the user to enter in english only, as its legally binding. 🙂
      Wouldn’t want to see you guys have to create stuff like that. Your plugins are a much better use of time. 🙂

      Marcus

    • August 7, 2014 at 10:01 am #2175
      Steve
      Keymaster

      Thanks for the feedback, everyone. HTML validation will be removed from the next version of Piklist. If you want to Sanitize an input for allowed HTML, then use the built-in sanitization rule wp_kses_post.

  • Author
    Posts
Viewing 4 reply threads
  • The topic ‘Html validation not working’ is closed to new replies.