[wp-hackers] Sanitizing PHP code snippets in meta
xoodrew at gmail.com
Sun Aug 19 22:06:11 UTC 2012
I'm working on a project where I need to store PHP code snippets in meta
for a custom post type.
I'll be using a textarea field for entry in deference to wp_editor (mostly
due to wanting to use a syntax highlighter).
Just wondering whether I need to sanitize that data in some way before
storing it in the database. I don't know if some form of kses is already
being run on custom fields and whether there's a security/stability
argument to be made about storing or not storing code snippets in this way.
Appreciate any insight,
More information about the wp-hackers