Save Multiple Metabox values

It’s unclear in what form you have multiple values. Saving multiple fields, each with unique names, is pretty straight forward. Where many people encounter difficulty is in saving multiple selects from a single select/option form element. I’ll assume this includes you and why you’re asking. The secret is in properly naming the select element. It needs to include [] at the end (example: name="foo[]") so selections are passed as an array. If you don’t do so, only the last selected option is passed.

Server side, $_REQUEST['foo'] will then contain an array of selected option values. Validate and sanitize by looping through all the elements. You can save the entire array in a single DB record. WP will serialize/unserialize the array for you. But making queries qualified by particular serialized array values is difficult. If the data in the array is needed for qualifying queries, it may be better to loop through the array and save the element values individually in their own records.

Thanks @bcworkz .

I have 3 fields like below image.

https://i.stack.imgur.com/pFq4Z.png

Should I use below code ?

if (isset($_POST[‘name’])) {
update_post_meta($post_id, ‘name’, sanitize_text_field($_POST[‘name’]));
}

if (isset($_POST[‘address’])) {
update_post_meta($post_id, ‘address’, sanitize_text_field($_POST[‘address’]));
}

if (isset($_POST[‘phone’])) {
update_post_meta($post_id, ‘phone’, sanitize_text_field($_POST[‘phone’]));
}

Is there any way to Save multiple metabox values ?

You could push all the sanitized values into an array and save the array under a single meta key, if that’s what you mean. But doing so makes it difficult to query for users using that data as criteria.

You still need to sanitize each field individually. You could compact your code into a loop driven by an array of field names, for example:

$fields = array('name', 'address', 'phone',);
foreach ( $fields as $field ) {
    if (isset($_POST[ $field ])) {
        update_post_meta($post_id, $field, sanitize_text_field($_POST[ $field ]));
    }
}

Ideally, you’d want to also validate each field with field specific criteria, such as limiting total length of input, and maybe limiting allowed characters, such as those in the phone field. Since each field would typically have unique validation criteria, going through each field with its own code as you’ve done isn’t the worst idea, even if it does seem largely redundant.

Thanks @bcworkz . What should I do for other Form fields like radio button, select option etc ? Should I use sanitize_text_field() for all Form fields ? I am using below code. Please check my code and evaluate it.

foreach ( $fields as $field_name => $flag ) {
   if ( !empty( $field = filter_input( INPUT_POST, $field_name, $flag ) ) ) {
       update_post_meta( $post_id, $field_name, sanitize_text_field( $field ) );
       } else {
         delete_post_meta( $post_id, $field_name );
       }
   }

I am using this code for all Form fields. Does it sanitize meta box values ?

• This reply was modified 2 years, 1 month ago by mabufoysal.