Plugin Custom Field Value Sanitization
Hi guys,
quick query from a plugin newbie.
I’m writing a plugin that adds a meta box to the Post Edit Dashboard panel. The meta box provides a number of checkboxes. When the post is saved, the values of these checkboxes are saved as a simple string in a custom field of the saved post.
The next time the post is opened in the Edit Post panel, the plugin checks for the custom field, and sets checkboxes as necessary.
I’m using nonces and authorization checking as outlined here http://codex.wordpress.org/Function_Reference/add_meta_box before the string is written to the post’s meta. I’m also using the leading underscore trick to prevent the custom field and its value being visible in the Post Edit panel (though any values entered manually here would anyway be replaced by values from the form in the new meta box at post save time).
In this scenario, is there still a need to sanitize the custom field value before saving it to the post meta or when reading back from the meta?
a|x
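
An added example, not code from the original post: the nonce and capability checks establish who is submitting the form, not what the submitted values contain, and the stored meta can also be written by other code (another plugin, an import, a direct database edit), so this sketch reduces the checkbox values to an allow-list both when saving and when reading back. The `myplugin_*` function names, the `_myplugin_flags` meta key, the `myplugin_nonce` field and the three option slugs are assumptions made up for illustration.

```php
<?php
// Added example. All myplugin_* names, the meta key and the option slugs are hypothetical.
const MYPLUGIN_META_KEY = '_myplugin_flags';

// The only values a checkbox in this meta box may legitimately carry.
function myplugin_allowed_flags() {
    return array( 'featured' => 'Featured', 'sticky_home' => 'Show on home', 'no_ads' => 'Hide ads' );
}

// Reduce arbitrary input (array from $_POST or comma string from meta) to known slugs.
function myplugin_filter_flags( $raw ) {
    $raw = is_array( $raw ) ? $raw : explode( ',', (string) $raw );
    $raw = array_map( 'sanitize_key', array_filter( $raw, 'is_scalar' ) );
    return array_values( array_intersect( array_keys( myplugin_allowed_flags() ), $raw ) );
}

function myplugin_save_flags( $post_id ) {
    if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
        return;
    }
    // Nonce: the request came from our form. Capability: this user may edit this post.
    if ( ! isset( $_POST['myplugin_nonce'] )
        || ! wp_verify_nonce( $_POST['myplugin_nonce'], 'myplugin_save_' . $post_id ) ) {
        return;
    }
    if ( ! current_user_can( 'edit_post', $post_id ) ) {
        return;
    }
    // Neither check says anything about the values, so filter them before storing.
    $submitted = isset( $_POST['myplugin_flags'] ) ? wp_unslash( $_POST['myplugin_flags'] ) : array();
    update_post_meta( $post_id, MYPLUGIN_META_KEY, implode( ',', myplugin_filter_flags( $submitted ) ) );
}
add_action( 'save_post', 'myplugin_save_flags' );

function myplugin_render_box( $post ) {
    wp_nonce_field( 'myplugin_save_' . $post->ID, 'myplugin_nonce' );
    // Filter again on read: the stored string may not have been written by this plugin.
    $stored = myplugin_filter_flags( get_post_meta( $post->ID, MYPLUGIN_META_KEY, true ) );
    foreach ( myplugin_allowed_flags() as $slug => $label ) {
        printf(
            '<label><input type="checkbox" name="myplugin_flags[]" value="%s" %s /> %s</label><br />',
            esc_attr( $slug ),
            checked( in_array( $slug, $stored, true ), true, false ),
            esc_html( $label )
        );
    }
}
```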