Validation Hooks (PHP)
English version coming soon
This page has not been fully translated yet. See the Japanese version for the full reference and examples.
Form Plant exposes WordPress filter hooks for customizing server-side validation — replace error messages, add per-field checks, or call external APIs from PHP.
Client vs server
Use JavaScript customization for instant in-browser feedback (UX). Use the PHP hooks on this page for trustworthy validation (security). Client-side checks can be bypassed via DevTools, so server-side validation must always run independently.
Hook Reference
| Hook | Purpose |
|---|---|
fplant_before_validation | Normalize submitted data before validation |
fplant_validation_required_message | Customize "required" error message |
fplant_validate_field_{$field_name} | Override validation for a specific field |
fplant_validation_message_email | Customize email format error message |
fplant_validation_message_url | Customize URL format error message |
fplant_validation_message_tel | Customize tel format error message |
fplant_validation_message_number | Customize number / min / max error message |
fplant_validate_field_type_{$field_type} | Add extra validation for a field type |
fplant_validation_message_min_length | Customize min length error message |
fplant_validation_message_max_length | Customize max length error message |
fplant_validation_message_pattern | Customize regex pattern error message |
fplant_validate_custom_rules | Add custom validation rule keys |
fplant_validation_message_file | Customize file upload error message |
fplant_validation_errors | Final adjustment of the full error array |
Example: Restrict an Email Field to a Company Domain
add_filter( 'fplant_validate_field_company_email', function( $error, $field, $value, $data, $form_id ) {
$allowed_domains = array( 'example.com', 'company.co.jp' );
if ( ! empty( $value ) && is_email( $value ) ) {
$domain = substr( strrchr( $value, '@' ), 1 );
if ( ! in_array( $domain, $allowed_domains, true ) ) {
return 'Please use your company email (@example.com or @company.co.jp).';
}
}
// Return null to also run the standard validation.
return $error;
}, 10, 5 );
Example: Add a Custom Rule (Minimum Age)
add_filter( 'fplant_validate_custom_rules', function( $error, $field, $value, $validation ) {
if ( isset( $validation['age_restriction'] ) && ! empty( $value ) ) {
$min_age = intval( $validation['age_restriction'] );
$input_age = intval( $value );
if ( $input_age < $min_age ) {
return sprintf( 'You must be %s or older to apply.', $min_age );
}
}
return $error;
}, 10, 4 );
Notes
- Return
falsefor "no error", a string for an error message. Avoid returningnull/true(except forfplant_validate_field_{$field_name}). - Cache external API lookups via the WordPress Transient API to avoid hitting rate limits on every submission.
- Always sanitize input (
sanitize_text_field()) and escape (esc_html()) when including user input in error messages.
For more examples (i18n, file uploads, postal code validation, data normalization), see the Japanese version linked at the top.