[resolved] Custom fields - how secure are they? (2 posts)

  1. richarduk
    Posted 5 years ago #

    I'm using custom fields that can be accessed by anyone. How secure are they? Do I need to add any extra data validation e.g. esc_sql( $sql ) ?

  2. richarduk
    Posted 5 years ago #

    I took an educated guess that custom fields are secure from malicious people. The only thing I did was strip out everything except strong elements.

    $allowed_html = array('strong' => array());
    $meta = wp_kses($meta, $allowed_html);
    //  Remove anything except the <strong></strong> element.
    // Thanks to:  http://ottopress.com/2010/wp-quickie-kses/

Topic Closed

This topic has been closed to new replies.

About this Topic