Default WordPress settings API data sanitization
It looks to me that when saving data to the database via the settings API WordPress sanitizes data by default. By that I … Read more
It looks to me that when saving data to the database via the settings API WordPress sanitizes data by default. By that I … Read more
I’m working on an advanced search (which uses custom sql queries), and the query string is formed using variables. For example, if the … Read more
$atts = shortcode_atts( array( ‘path’ => ‘https://s.w.org/about/images/logos/wordpress-logo-simplified-rgb.png’ ), $atts); The above is a part of the shortcode. In WordPress text editor this shortcode … Read more
I’m using esc_url to sanitize my url. The only problem is that “my link” becomes “mylink”. I wouldreally like it to become “my-link”. … Read more
I recently wrote a plugin and now I’m backtracking a bit to sanitize any and all user input. I know that I should … Read more
I have following shortcode: function infobox_shortcode( $atts, $content = null ) { extract( shortcode_atts( array( ‘src’ => ”, ‘title’ => ”, ‘text’ => … Read more
I’m wondering why WordPress doesn’t list PHP array() and any serialized data in Custom Fields in Admin Panel (for Pages, Posts etc.)? Only … Read more
The general guideline is that we should sanitize all user input before using them. Now my questions is whether this applies to nonce … Read more
This is a very straight-forward question, but it’s important and I can’t find anything definitive in the docs. This question asks a similar … Read more
I have added a select box in the Post meta. Here is the code, and it works fine. My question is, do I … Read more