Where to sanitize your data...


So, I have built a form, and I can call this in my template like:


After submitting this form, the data is passed to a function with all the input values to add the post.

Where do you sanitize your data? Is that the responsibility of the form, before passing the data to the function, or do you expect the function to sanitize the data before handling it?


2 hours ago, spoetnik said:

Where do you sanitize your data?

At the earliest opportunity possible when it hits the server. This means in the function, or an intermediary function first, which then passes the clean data to the function that creates the post. If the data does not pass the sanitise process, we redirect back to the form. The form can do client-side validation, e.g. was the email input filled, does that look like an email, etc?

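A framework-neutral Python sketch of the flow described in the answer above (an added example, not part of the original thread): an intermediary function cleans the submitted values on the server, and the handler sends the user back to the form if they do not pass. The field names, length limits, `/post/new` URL and the `create_post` stand-in are assumptions.

```python
import re
import unicodedata

# Hypothetical field rules for the post form: name -> (max length, multiline)
FIELDS = {"title": (120, False), "email": (254, False), "body": (5000, True)}
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")

# Constructed sample submission, including a field the form never defined
SAMPLE = {"title": "  Hello\tWorld\x00 ", "email": " alice@example.com ",
          "body": "First line\r\nSecond\x07 line", "is_admin": "1"}

def clean_text(value, multiline=False):
    """Normalize Unicode, collapse whitespace, drop control characters."""
    value = unicodedata.normalize("NFC", value)
    if not multiline:
        value = " ".join(value.split())  # tabs/newlines become one space
    value = "".join(c for c in value
                    if c == "\n" or unicodedata.category(c)[0] != "C")
    return value.strip()

def sanitize_post_input(raw):
    """Intermediary step: return (clean, errors) for untrusted form data."""
    clean, errors = {}, {}
    for name, (max_len, multiline) in FIELDS.items():  # unknown keys ignored
        value = raw.get(name, "")
        if not isinstance(value, str):
            errors[name] = "invalid type"
            continue
        value = clean_text(value, multiline)
        if not value:
            errors[name] = "required"
        elif len(value) > max_len:
            errors[name] = "too long"
        elif name == "email" and not EMAIL_RE.fullmatch(value):
            errors[name] = "invalid email"
        else:
            clean[name] = value
    return clean, errors

def create_post(data):
    """Stand-in for the function that stores the post; sees only clean data."""
    return {"id": 1, **data}

def handle_submit(raw):
    """Server-side entry point: sanitize first, back to the form on failure."""
    clean, errors = sanitize_post_input(raw)
    if errors:
        return {"status": 303, "location": "/post/new", "errors": errors}
    return {"status": 201, "post": create_post(clean)}
```

The same checks run whether or not the browser performed its own validation, since a request can reach the server without going through the form.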
