Submitting posts from the front end - sanitizing data
https://wordpress.stackexchange.com/questions/9515
-
16-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian문제
I have a form that allows any registered user to submit a post (it's a custom post type - forum related), and I'm using wp_insert_post() to insert it into the db.
From what I've seen in this function a sanitize_post() function is run automatically, but I think this only handles db escaping and such.
So how do I sanitize the input data the same way as the wp-admin editor does? I mean apply the kses filter and all the other stuff...
해결책
When a post is created/edited from the admin, edit_post() is called.
This function simply collects all the $_POST arguments and passes them to wp_update_post().
wp_update_post() then does some more logical checks and passes the data along to wp_insert_post().
wp_insert_post() calls sanitize_post(), which does all the heavy duty sanitization.
So, yes, wp_insert_post() is the correct way to do it.
다른 팁
Otto did a blog about using kses last year, see if that helps.
http://ottopress.com/2010/wp-quickie-kses/
