• Hey there.
    A few weeks ago, I began building a theme. It’s to the point now that I am running all of the final tests and making sure that it checks out with all of the guidelines.

    But once I got to Theme Security and Privacy…near the bottom of that list, there is the following:

    Themes are required to validate and sanitize all untrusted data before entering data into the database, and to escape all untrusted data before being output in the Settings form fields or in the Theme template files.

    And then it directs me to this page for instructions on how to get this done…

    When exactly does this apply to what I am doing?

Viewing 1 replies (of 1 total)
  • Sanitizing is the process of filtering any user-submitted input that comes in through any forms or user interfaces to make sure that it doesn’t contain injected code. It wouldn’t do for a user to input a command to delete your entire database into the name field of a login form, or a piece of code that sends all user emails and credit card numbers to another site that has been built to capture them.

    Sanitizing means that you convert all information being submitted to your website into a harmless form before it is stored in the database. This isn’t always important for theme developers, but many themes feature their own user interfaces and extra features that write directly to the WordPress database. Thus, they need to make sure all user input is sanitized.
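
As an added illustration (not part of the original thread), this is where the quoted guideline typically applies in a theme: a Customizer setting is sanitized or validated before it is saved, then escaped when it is printed in a template. The `mytheme_` names, the two settings and the footer markup are hypothetical, and the code assumes it lives in a theme's `functions.php`.

```php
<?php
// Added example; the 'mytheme_*' names and both settings are hypothetical.
// 1. Sanitize/validate on the way IN: the Customizer passes the submitted
//    value through sanitize_callback before it is saved to the database.
function mytheme_customize_register( $wp_customize ) {
    $wp_customize->add_section( 'mytheme_footer', array( 'title' => __( 'Footer', 'mytheme' ) ) );

    // Free text: sanitize_text_field() strips tags, line breaks and extra whitespace.
    $wp_customize->add_setting( 'mytheme_footer_text', array(
        'default'           => '',
        'sanitize_callback' => 'sanitize_text_field',
    ) );
    $wp_customize->add_control( 'mytheme_footer_text', array(
        'label'   => __( 'Footer text', 'mytheme' ),
        'section' => 'mytheme_footer',
        'type'    => 'text',
    ) );

    // Choice field: validate against the allowed list instead of cleaning it.
    $wp_customize->add_setting( 'mytheme_footer_align', array(
        'default'           => 'left',
        'sanitize_callback' => 'mytheme_sanitize_align',
    ) );
    $wp_customize->add_control( 'mytheme_footer_align', array(
        'label'   => __( 'Footer alignment', 'mytheme' ),
        'section' => 'mytheme_footer',
        'type'    => 'select',
        'choices' => array( 'left' => 'Left', 'center' => 'Center', 'right' => 'Right' ),
    ) );
}
add_action( 'customize_register', 'mytheme_customize_register' );

function mytheme_sanitize_align( $value ) {
    $allowed = array( 'left', 'center', 'right' );
    return in_array( $value, $allowed, true ) ? $value : 'left';
}

// 2. Escape on the way OUT: call this from footer.php. The stored value is
//    still treated as untrusted and escaped for the context it lands in.
function mytheme_footer_text() {
    $text  = get_theme_mod( 'mytheme_footer_text', '' );
    $align = mytheme_sanitize_align( get_theme_mod( 'mytheme_footer_align', 'left' ) );
    printf(
        '<p class="%s">%s</p>',
        esc_attr( 'footer-text align-' . $align ), // HTML attribute context
        esc_html( $text )                          // HTML text context
    );
}
```

A theme that stores no user-supplied settings still needs the second half whenever it prints data it did not hard-code.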

  • The topic ‘Building A Theme…lost me at the part of security inclusions.’ is closed to new replies.