How to Sanitize

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hello there! Data escaping is a tricky task, but it’s super-important to ensuring your users’ sites are secure, so it’s great you’re making this a priority! ??

    Since this is data that’s being output to the user, we’ll be looking at escaping output data here.

    Your first line:

    <input type="radio" name="showit" value="Y" <?php echo $opt['ShowIt'] == 'Y' ? 'checked="checked"' : '' ?> />

    Is fine as-is, since the data isn’t being output; it’s just being used as an if condition.

    Your second line would need some escaping:

    <input type="text" name="loveit" value="<?php echo esc_attr( get_option('Love') );?>" />

    Since it’s an attribute (the value of value) you’d use esc_attr here.

    If that doesn’t do the trick, perhaps you can let us know what error you’re receiving, and we can bugfix a bit. ??

    Thread Starter plzshareme

    (@plzshareme)

    thanks sarah!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘How to Sanitize’ is closed to new replies.