Title: Validate plugin setting
Last modified: April 23, 2017
---
# Validate plugin setting
* [geowb](https://wordpress.org/support/users/geowb/)
* (@geowb)
* [9 years ago](https://wordpress.org/support/topic/validate-plugin-setting/)
* I am trying to understand how to use WP_Customize_Setting::validate(). For example,
a setting named rma_user_data_uri should be saved if filter_var($data, FILTER_VALIDATE_URL)
returns $data (where $data is submitted value of rma_user_data_uri) and allow
save, or not save if filter_var(…) is false and return to the settings form ‘
Invalid URI’. How might this be constructed using WP_Customize_Setting::validate()?
* Or do I need to create a custom settings form to do server-side validation and
$_SESSION to return unaccepted values?
Viewing 5 replies - 1 through 5 (of 5 total)
* Thread Starter [geowb](https://wordpress.org/support/users/geowb/)
* (@geowb)
* [9 years ago](https://wordpress.org/support/topic/validate-plugin-setting/#post-9058872)
* Here is how the current form is created:
rma.php
* ```
function rma_init() {
$plugin = new Plugin(); // Create container
$plugin['path'] = realpath(plugin_dir_path(__FILE__)) . DIRECTORY_SEPARATOR;
$plugin['url'] = plugin_dir_url(__FILE__);
$plugin['version'] = '0.1.0';
$plugin['properties'] = [
'parent_slug' => 'options-general.php',
'page_title' => 'Remote Member Authentication
',
'menu_title' => 'Remote Member Authentication',
'capability' => 'manage_options',
'menu_slug' => 'rma-settings',
'option_group' => 'rma_option_group',
'section_heading' => '',
'submit_label' => 'Save stuff',
'options' => [
['fieldName' => 'rma_user_data_uri',
'label' => 'User data URI',],
['fieldName' => 'rma_auth_type',
'label' => 'Authentication type'],
['fieldName' => 'rma_auth_type_none',
'label' => ''],
['fieldName' => 'rma_auth_type_api_key',
'label' => 'API key'],
['fieldName' => 'rma_auth_type_basic_username',
'label' => 'Username'],
['fieldName' => 'rma_auth_type_basic_password',
'label' => 'Password'],
],
];
$plugin['settings_page'] = function ( $plugin ) {
static $object;
if (null !== $object) {
return $object;
}
return new SettingsPage($plugin['properties']);
};
$templates = [
'./Templates/member-content.php' => 'Restricted Member Content',
];
//initialization functions
$templater = new Rma\PageTemplater($templates);
add_action('init', ['Rma\Tools', 'member_password_check']);
add_action( 'admin_enqueue_scripts', 'rmaQueueScripts' );
add_action('plugins_loaded', array('Rma\PageTemplater', 'get_instance'));
add_shortcode('member_sign_in', ['Rma\Shortcodes\SigninForm', 'createSignInForm']);
$plugin->run();
}
```
* SettingsPage.php
* ```
namespace Rma;
class SettingsPage extends WpSubPage
{
public function render_settings_page() {
$option_group = $this->properties['option_group'];
$page = $this->properties['menu_slug'];
$submit = $this->properties['submit_label'];
echo $this->properties['page_title'];
?>
properties = $properties;
}
public function run() {
add_action('admin_menu', array($this, 'add_menu_and_page'));
add_action('admin_init', array($this, 'register_settings'));
}
public function add_menu_and_page() {
add_submenu_page(
$this->properties['parent_slug'], $this->properties['page_title'], $this->properties['menu_title'], $this->properties['capability'], $this->properties['menu_slug'], array($this, 'render_settings_page')
);
}
public function register_settings() {
$group = $this->properties['option_group'];
$options = $this->properties['options'];
$page = $this->properties['menu_slug'];
add_settings_section($page . '_main', '', function() {
echo $this->properties['section_heading'];
}, $page);
foreach ($options as $option) {
$fieldName = $option['fieldName'];
if (method_exists('Rma\Tools', 'validate_' . $fieldName)) {
register_setting($group, $fieldName, ['Rma\Tools', 'validate_' . $fieldName]);
} else {
register_setting($group, $fieldName);
}
add_settings_field($fieldName, $option['label'], ['Rma\Fields', 'fieldHtml'], $page, $page . '_main', ['fieldName' => $fieldName]);
}
}
public function render_settings_page() {
}
}
```
* Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/)
* (@bcworkz)
* [9 years ago](https://wordpress.org/support/topic/validate-plugin-setting/#post-9058961)
* WP_Customize_Setting::validate() is intended for use when using setting fields
in the customizer. As you are using the Settings API, a similar but different
method of validation is used, which it appears you are already doing when you
register your setting. The customizer validation doesn’t do anything special,
it just sets up a filter system which theme devs hook into in order to validate
their settings.
* By supplying a validation callback when your setting is registered, you are essentially
doing the same thing — providing a path to get to your own validation function.
* That said, there is a lot to be said for moving some of your theme settings away
from a settings page and into the customizer. Maybe you’ve already seen the customizer
docs in the Theme Handbook since you mentioned WP_Customize_Setting, but just
in case not, it’s here: [https://developer.wordpress.org/themes/customize-api/](https://developer.wordpress.org/themes/customize-api/)
* Thread Starter [geowb](https://wordpress.org/support/users/geowb/)
* (@geowb)
* [9 years ago](https://wordpress.org/support/topic/validate-plugin-setting/#post-9061418)
* Thanks for your reply. Having read [this](https://core.trac.wordpress.org/ticket/34893)
I got the impression that WP_Customize_Settings::validate() was a step toward
true full-form validation. The register_setting() callback argument appears to
be intended to tidy up settings rather than perform validation. Also, the form
I’m trying to validate is a plugin’s settings form.
* It appears that to validate a form by requiring all inputs to be valid before
saving any values requires coding the form from scratch. So be it.
* Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/)
* (@bcworkz)
* [9 years ago](https://wordpress.org/support/topic/validate-plugin-setting/#post-9062998)
* Coding from scratch is not necessary to cause everything to be validated, but
you may decide that is the best approach anyway. I often do myself, but the register_setting()
function ultimately ends up validating the entire form because all the fields
are looped through and in each case the callback specified in register_setting()
is called. Any callback can call add_settings_error() if something is amiss and
the setting will not be updated and the error message will be displayed on the
form.
* The customizer’s validate method is essentially the same thing for the customizer.
In both cases you specify what callback should be used to validate each field
and the setting update process loops though all the fields, calling the callback
for each in turn. I don’t see the Trac ticket you linked to as any overall improvement
in the situation. It’s more bringing the customizer functionality in line with
the way the Settings API works. Mainly by allowing something like add_settings_error()
to be used, as opposed to merely sanitizing and saving.
* I think the add_settings_error() function is the missing information that you
are seeking. Without such functionality, the Settings API would indeed be limited.
* Thread Starter [geowb](https://wordpress.org/support/users/geowb/)
* (@geowb)
* [9 years ago](https://wordpress.org/support/topic/validate-plugin-setting/#post-9063081)
* I think you’re right about add_settings_error() as the missing link. I’d not
seen that before; it’ll be much easier to add to existing code than starting
over again. Thanks.
Viewing 5 replies - 1 through 5 (of 5 total)
The topic ‘Validate plugin setting’ is closed to new replies.
* In: [Developing with WordPress](https://wordpress.org/support/forum/wp-advanced/)
* 5 replies
* 2 participants
* Last reply from: [geowb](https://wordpress.org/support/users/geowb/)
* Last activity: [9 years ago](https://wordpress.org/support/topic/validate-plugin-setting/#post-9063081)
* Status: not resolved
## Topics
### Topics with no replies
### Non-support topics
### Resolved topics
### Unresolved topics
### All topics