I'm using custom fields that can be accessed by anyone. How secure are they? Do I need to add any extra data validation, e.g. esc_sql( $sql )?
I took an educated guess that custom fields are secure from malicious people. The only thing I did was strip out everything except strong elements.
$allowed_html = array('strong' => array());
$meta = wp_kses($meta, $allowed_html);
// Remove anything except the <strong></strong> element.
// Thanks to: http://ottopress.com/2010/wp-quickie-kses/
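
An added example, not part of the original posts: the same `<strong>`-only allowlist applied both when the custom field is saved and again when it is printed, so a value written by some other code path is still filtered on output. The meta key `myplugin_note` and the `myplugin_*` function names are hypothetical. The post meta API writes through `$wpdb->insert()` / `$wpdb->update()`, which escape values for the query; the remaining risk is HTML in the stored value, which `wp_kses()` handles.

```php
<?php
// Hypothetical meta key, used only for this example.
const MYPLUGIN_META_KEY = 'myplugin_note';

// Single source of truth for the allowlist: <strong> with no attributes.
function myplugin_allowed_html() {
    return array( 'strong' => array() );
}

// Runs on every add_post_meta() / update_post_meta() call for this key.
// WordPress passes extra arguments (meta key, object type); only the value is needed.
function myplugin_sanitize_note( $meta_value ) {
    // Cast first: meta values may arrive as arrays or other non-string types.
    return wp_kses( (string) $meta_value, myplugin_allowed_html() );
}

add_action( 'init', function () {
    register_post_meta( 'post', MYPLUGIN_META_KEY, array(
        'type'              => 'string',
        'single'            => true,
        'sanitize_callback' => 'myplugin_sanitize_note',
    ) );
} );

// Filter again on output. Rows inserted before the callback was registered,
// or written directly to the database, never passed through the sanitizer.
function myplugin_render_note( $post_id ) {
    $meta = get_post_meta( $post_id, MYPLUGIN_META_KEY, true );
    return wp_kses( (string) $meta, myplugin_allowed_html() );
}

// In a template: everything except <strong>...</strong> is stripped.
// echo myplugin_render_note( get_the_ID() );
```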