when using get_field() or the_fild() inside html attributes it’s recommended to use esc_attr() to escape invalid characters.
It would be nice if there was a checkbox in ACF field edit box. When checked then escaped value is returned.
Hi @wube
I think it’s such an easy thing to do yourself there’s not really need for ACF to add another setting for it. It would probably be more confusing to “non power user” than helpful to power users 🙂
If you want to simply escape values for a specific field type or perhaps even all of your fields you can use the acf/format_value hook:
http://www.advancedcustomfields.com/resources/acfformat_value/
Hi @Jonathan
I can partially agree. Yes, it’s very easy to implement such a feature on one’s own… but we could say the same about other ACF features. For example about return value option of image field. Why do we need a choice between url and array when we can simply do:
<?php echo get_field('image')['url']; ?>
The second reason why such a feature could be implemented is related to what you have said. Less advanced users might not now that fields should be escaped, so for URL field this option could be set to true by default because the most common use case for URL field is to output its value inside a href attribute.
Hey,
You make some valid points as well 🙂
I don’t think this is the same as return value tho. To take your example with the image field many users are so ignorant to how arrays work they’d never get the damn thing to work 😉
I completely agree that the URL field should almost always be set to escape.
In the end this is up to @elliot as he’s the sole developer at this point. I wouldn’t mind having this setting but I also don’t mind setting it myself with hooks.
I will make this into a formal feature request in the github repo and we’ll see how it’s received 🙂 Sound good?
HI guys
Thanks for the feature request.
I’m hoping not to add any extra options to each field in anttempt to keep the UI minimal.
For now, can you please use this code:
<?php
function my_acf_format_value( $value, $post_id, $field ) {
return esc_attr($value);
}
add_filter('acf/format_value/type=url', 'my_acf_format_value', 10, 3);
?>
