
Validating Sanitizing and Escaping User Data

    $title = sanitize_text_field( $_POST['title'] );
    update_post_meta( $post->ID, 'title', $title );

Behind the scenes, the function does the following:

- Checks for invalid UTF-8 (uses wp_check_invalid_utf8())
- Converts single < characters to entities
- Strips all tags
- Removes line breaks, tabs and extra white space
- Strips octets

The sanitize_*() class of helper functions is super nice for us, as […]
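As an added example (not code from the original post), here are the two lines above placed in a complete save handler, with request checks before the sanitizing step and escaping on output. It assumes a WordPress plugin context; the `demo_*` names, the meta box and the 100-character limit are hypothetical.

```php
<?php
// Assumes a WordPress plugin context. The demo_* names, the meta box and the
// 100-character limit are hypothetical choices for this example.

add_action( 'add_meta_boxes', function () {
    add_meta_box( 'demo_title', 'Title', 'demo_render_title_box', 'post' );
} );

function demo_render_title_box( $post ) {
    wp_nonce_field( 'demo_save_title', 'demo_title_nonce' );
    // Escape on output, for the context the value lands in (an HTML attribute).
    printf(
        '<input type="text" name="title" maxlength="100" value="%s" />',
        esc_attr( get_post_meta( $post->ID, 'title', true ) )
    );
}

add_action( 'save_post', 'demo_save_title' );

function demo_save_title( $post_id ) {
    // Request checks: field present, nonce valid, user allowed to edit this post.
    if ( ! isset( $_POST['demo_title_nonce'], $_POST['title'] ) ) {
        return;
    }
    $nonce = sanitize_text_field( wp_unslash( $_POST['demo_title_nonce'] ) );
    if ( ! wp_verify_nonce( $nonce, 'demo_save_title' ) ) {
        return;
    }
    if ( ! current_user_can( 'edit_post', $post_id ) ) {
        return;
    }
    // A request sent as title[]=x arrives as an array, not a string.
    if ( ! is_string( $_POST['title'] ) ) {
        return;
    }

    // Sanitize: WordPress adds slashes to $_POST, so unslash before cleaning.
    $title = sanitize_text_field( wp_unslash( $_POST['title'] ) );

    // Validate: sanitizing cleans the value, it does not decide if it is acceptable.
    if ( '' === $title || mb_strlen( $title ) > 100 ) {
        return;
    }

    // update_post_meta() unslashes its input, so re-slash to keep backslashes.
    update_post_meta( $post_id, 'title', wp_slash( $title ) );
}

// Escape again when printing into HTML body text; stored data is not trusted.
function demo_title_html( $post_id ) {
    return '<h2>' . esc_html( get_post_meta( $post_id, 'title', true ) ) . '</h2>';
}
```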
