I have a custom post form that sends data to a page which uses wp_insert_post to create a post. I can easily sanitize most data, but I have some troubles with my tags, I retrieve in an array:
$tags = $_POST['tags'];
Before using these tags as tags_input, how can I successfully sanitize all names?
Thanks!
Here’s a way to do it with PHP’s array map function:
// Good idea to make sure things are set before using them
$tags = isset( $_POST['tags'] ) ? (array) $_POST['tags'] : array();
// Any of the WordPress data sanitization functions can be used here
$tags = array_map( 'esc_attr', $tags );