[wp-hackers] Using the page_options field to create custom options
pages
Peter Westwood
peter.westwood at ftwr.co.uk
Wed Sep 12 11:52:37 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stephane Daury wrote:
>
> The standard WP way, yes.
>
> It's usually good enough for me for simple plugins, but when I write
> plugins that are tied to security (like my wpDirAuth LDAP plugin), I'm a
> bit more anal and pass integers through intval(), all the fields that do
> no require HTML through strip_tags(), and so on. If nothing else, my
> user base expects it and are prompt to remind me if not done. ;)
>
I guess sanitize_option should have a hook in the default case which
passes the value on to other code to be sanitized.
e.g.
$value = apply_filters("sanitize_option_{$option}", $option, $value);
That would allow plugins to use options.php and do custom sanitization.
westi
- --
Peter Westwood
http://blog.ftwr.co.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG59MFVPRdzag0AcURAk6YAJ9DjNWTCB9gI4iRmKf1jFpgV9orrACfcRh8
HEvH+LVftEdzoSlM8Xs9qdA=
=sRYj
-----END PGP SIGNATURE-----
More information about the wp-hackers
mailing list