I want to include inline SVGs in a metabox textarea.
That’s easy. What’s killing me is how do I sanitize the textarea before saving the postmeta, and how do I escape it?
Halp?
Thanks!
2 s
Here is a PHP library that was created for sanitizing SVG files that may be worth looking into. https://github.com/darylldoyle/svg-sanitizer
Here is an example of how this could be used:
// Now do what you want with your clean SVG/XML data
function your_save_meta( $post_id, $post, $update ) {
// - Update the post's metadata.
if ( isset( $_POST['svg_meta'] ) ) {
// Load the sanitizer. (This path will need to be updated)
use enshrined\svgSanitize\Sanitizer;
// Create a new sanitizer instance
$sanitizer = new Sanitizer();
// Pass your meta data to the sanitizer and get it back clean
$cleanSVG = $sanitizer->sanitize($_POST['svg_meta']);
// Update your post meta
update_post_meta( $post_id, 'svg_meta_name', $cleanSVG );
}
}
add_action( 'save_post', 'your_save_meta', 10, 3 );