Using Gravity Forms ‘gform_sanitize_confirmation_message’ PHP filter

The gform_sanitize_confirmation_message filter in Gravity Forms is used to sanitize the complete confirmation message just before outputting to the page. All scripts will be removed.

Usage

add_filter('gform_sanitize_confirmation_message', 'your_function_name');

Parameters

  • $sanitize_confirmation_message (bool): The confirmation message. Default: false.

More information

See Gravity Forms Docs: gform_sanitize_confirmation_message

Examples

Turn on sanitization

add_filter('gform_sanitize_confirmation_message', '__return_true');

Remove HTML tags from the confirmation message

function strip_html_tags($confirmation_message) {
    return strip_tags($confirmation_message);
}
add_filter('gform_sanitize_confirmation_message', 'strip_html_tags');

Remove specific HTML tags from the confirmation message

function strip_specific_tags($confirmation_message) {
    return preg_replace('#</?(script|style|iframe)[^>]*>#is', '', $confirmation_message);
}
add_filter('gform_sanitize_confirmation_message', 'strip_specific_tags');

Encode HTML entities in the confirmation message

function encode_html_entities($confirmation_message) {
    return htmlentities($confirmation_message, ENT_QUOTES, 'UTF-8');
}
add_filter('gform_sanitize_confirmation_message', 'encode_html_entities');

Add custom sanitization using a callback function

function custom_sanitization($confirmation_message) {
    // Your custom code here to sanitize the confirmation message
    return $confirmation_message;
}
add_filter('gform_sanitize_confirmation_message', 'custom_sanitization');