Categories
CMS Mastering Development Wordpress

Prevent attacks, $_POST data security, wp_strip_all_tags

When writing code that accepts input from users I always sanitize data one variable at a time. Example: $title = wp_strip_all_tags($_POST[‘title’]); $content = wp_strip_all_tags($_POST[‘content’]); I had the idea of simplifying things by sanitizing everything at once, inside a loop: foreach ($_POST as $key => $value) $_POST[$key] = wp_strip_all_tags($value); When something more specific is needed, I […]