Home › Forums › Front-end Issues › Is sanitization required for front end form? › Reply To: Is sanitization required for front end form?
Hi Elliot,
Many thanks for the quick response.
I’ve had a look at update_postmeta in post.php, which in turn calls update_metadata in meta.php.
update_metadata calls a sanitize_meta function (also in meta.php), but what I’m not sure is what this does exactly – this is the function:
function sanitize_meta( $meta_key, $meta_value, $meta_type ) { return apply_filters( "sanitize_{$meta_type}_meta_{$meta_key}", $meta_value, $meta_key, $meta_type );
}
According to Codex:
‘Applies filters that can be hooked to perform specific sanitization procedures for the particular metadata type and key. Does not sanitize anything on it’s own. Custom filters must be hooked in to do the work. The filter hook tag has the form “sanitize_{$meta_type}_meta_{$meta_key}”. ‘
But this is where I get a bit lost… does this mean data is being sanatized or not?!
Also – do you know whether it’s just update_postmeta I need to worry about, or are there any other methods used too?
Many thanks for your help.
Sarah
Welcome to the Advanced Custom Fields community forum.
Browse through ideas, snippets of code, questions and answers between fellow ACF users
Helping others is a great way to earn karma, gain badges and help ACF development!
We use cookies to offer you a better browsing experience, analyze site traffic and personalize content. Read about how we use cookies and how you can control them in our Privacy Policy. If you continue to use this site, you consent to our use of cookies.