I have a custom post form that sends data to a page which uses wp_insert_post to create a post. I can easily sanitize most data, but I have some troubles with my tags, I retrieve in an array:
$tags = $_POST['tags'];
Before using these tags as tags_input, how can I successfully sanitize all names?
Here’s a way to do it with PHP’s array map function:
// Good idea to make sure things are set before using them $tags = isset( $_POST['tags'] ) ? (array) $_POST['tags'] : array(); // Any of the WordPress data sanitization functions can be used here $tags = array_map( 'esc_attr', $tags );