What is the best way to sanitize data?
I’ve read several topics about this and different people have different views on the best practice. In terms of WordPress, how do I … Read more
I’ve read several topics about this and different people have different views on the best practice. In terms of WordPress, how do I … Read more
Does anyone have any idea how to sanitize CSS entered via user input? I am concerned about cross-site scripting via CSS. I am … Read more
When updating a post meta where the input will be always an integer, should I use (int) or is there a WordPress function … Read more
I can see validate_user() calls sanitize_user() with strict argument as true, which means uppercase letters are not allowed too. In source code, I … Read more
If I’m allowing a user to enter an email address to be saved into the database, should I use is_email() or sanitize_email()? Ex. … Read more
I’ve read Professional WordPress and it says: esc_html function is used for scrubbing data that contains HTML. This function encodes special characters into … Read more
I am working on a plugin that requires on-the-fly manipulation of content output. This is solely dependent on the current $_GET variable or … Read more
I built a custom post type where we can find a standard textarea/tinymce generated by wp_editor() and I’m facing an issue for the … Read more
Using WP3.1 I Have a custom page with a WP_Query and the query gets dynamic variables from the url. And i want safe … Read more
Taken from the articles referenced below: wp_strip_all_tags() “Properly strip all HTML tags including script and style.” wp_filter_nohtml_kses() “Strips all of the HTML in … Read more