Title: WPDB secure custom form
Last modified: August 22, 2016

---

# WPDB secure custom form

 *  [daimpa](https://wordpress.org/support/users/daimpa/)
 * (@daimpa)
 * [11 years, 4 months ago](https://wordpress.org/support/topic/wpdb-secure-custom-form/)
 * I’m creating a custom form to update rows in a secondary MYSQL DB, different 
   from the one of wordpress. This form is public and every user can access it. 
   So I’ve created a plugin and I’m using also wpdb to connect with the database.
 * How can I do this in a secure way?
 * I’m using sanitize_text_field() and then wpdb->update(). Is this safe or should
   I use esc_sql()?
 * If I can’t use wpdb->update() because I need to have some != fields in where 
   clauses, is it ok to use sanitize_text_field(), then wpdb->prepare() and then
   wpdb->query()?

The topic ‘WPDB secure custom form’ is closed to new replies.

## Tags

 * [form](https://wordpress.org/support/topic-tag/form/)
 * [MySQL](https://wordpress.org/support/topic-tag/mysql/)
 * [php](https://wordpress.org/support/topic-tag/php/)
 * [wpdb](https://wordpress.org/support/topic-tag/wpdb/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 0 replies
 * 1 participant
 * Last reply from: [daimpa](https://wordpress.org/support/users/daimpa/)
 * Last activity: [11 years, 4 months ago](https://wordpress.org/support/topic/wpdb-secure-custom-form/)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics