Sanitizing search data for use with WP_Query


I’m using heavily-customised WordPress to drive a fishkeeping website.

I have two separate search areas: a site-wide search and a fish species search. The latter also has advanced search features which will search certain meta values in the “species” custom post type (to allow users to search for fish that can be kept in a certain water hardness, for instance).

I want to use search.php to deal with all of these, so I’m using WP_Query. The search forms have something along the lines of <input type="hidden" name="type" value="species" /> to specify the kind of search being performed.

The code I’m utilising is as follows:

    if (isset($_GET["s"])) {
        $search_term = $_GET["s"];

    if (isset($_GET["type"])) {
        switch ($_GET["type"]) {
            case "profile" :
                $post_type = "species";
            case "glossary" :
                $post_type = "glossary";
            default :
                $post_type = "any";

    $args = array(
                's' => $search_term,
                'post_type' => $post_type

    $query = new WP_Query ( $args );

My (lengthy, with apologies) question is this: what’s the best command to use to sanitize the data from the search box?

Thanks in advance,

, dunc 4 years 2020-02-17T08:38:27-05:00 0 Answers 103 views 0

Leave an answer