Replacing mysql_escape_string in a custom plugin when moving to PHP7

You don’t need to sanitize the variables that are passed to wp_update_post() because wp_update_post() after some checks pass the data to wp_insert_post() and wp_insert_post() calls sanitize_post(), which does the sanitization of all arguments.

Also add_post_meta and update_post_meta also do all the sanitization for you.

To answer your question I would replace mysql_escape_string with $wpdb->esc_sql($_POST[$value]). It calls mysqli_real_escape_string if supported or mysql_real_escape_string otherwise.

BUT whenever you echo inside an HTML code you should always escape the values by using esc_html($value), esc_url($url), esc_attr($attribute) etc.

More: Data Validation

Related Posts:

  1. Undefined function mysql_connect()
  2. MySQL column count doesn’t match value count at row 1 [closed]
  3. Fatal error: Call to undefined function mysql_connect()
  4. the_date() not working
  5. How to return number of found rows from SELECT query
  6. Check if post of title already exists
  7. $wpdb->delete column values IN ARRAY()?
  8. How to make WordPress plugin check for database changes and then do something?
  9. Custom SQL query to get List of posts with featured image url
  10. Delete post revisions on post publish
  11. Problems migrating WordPress to localhost
  12. error importing localhost export file to server
  13. How to sort results from a custom database table
  14. Update some database fields when post is saved
  15. Successful or Error Message after running mysql code in functions.php
  16. sql query to put quotes around numbers in img tag
  17. Use ajax to update_post_meta
  18. PHP/MySQL issues when running WP on EC2 cloud [closed]
  19. WordPress get pagination on wpdb get_results
  20. How to create another version of my site based on the same database
  21. Strange wordpress slowness
  22. Looking for most performant way to execute several similar WP queries within shortcodes
  23. Setting All Drafts to ‘exclude-from-catalog’ in WooCommerce
  24. Stumped on migration
  25. PHP code inside shortcodes
  26. Show MySQL errors that occur when I excute $wpdb->insert()
  27. Is XAMPP faster than running LAMP in WSL on Windows 10? [closed]
  28. WordPress Site Running Extremely Slow on Dedicated Server
  29. Get updated query results on page after insert in database
  30. WSoD being caused by this piece of code
  31. WordPress not reflecting changed of the database
  32. How can I fix WordPress installation errors?
  33. How to display data from custom table in wordpress phpmyadmin
  34. How to split links generated into an xml sitemap to avoid exceeding 30 sec maximum execution time?
  35. Hacked WordPress website /Homepage redirect [closed]
  36. get_posts() and WP_query limits ‘AND’ conditions to a maximum of 6 for meta value queries in WordPress
  37. Weird 404 URL Problem – domain name being placed at end of urls
  38. database sent to a JSON file
  39. $wpdb->insert() does not Insert record in a table
  40. WordPress SQL injection
  41. multiple where condition in result query
  42. Grouping posts by a custom meta value
  43. Mixing variables into an array when inserting values
  44. wpdb prepare insert table doesn’t work
  45. Should I use WordPress to skin a database website?
  46. WordPress Custom SQL Table with UserID Filter for results
  47. How can I add a new row in a separate database when someone registers via WordPress?
  48. I can’t update my data through $wpdb
  49. Output: “Array”
  50. How to use mysql LIKE with wpdb?
  51. How to use AJAX in WordPress in MYSQL query?
  52. Use variable in SQL statement
  53. Live search from database table
  54. Processing ajax call to php to insert into mysql database
  55. phpMyAdmin error #1062 – Duplicate entry ‘1’ for key ‘PRIMARY’
  56. Add row to custom database Table and delete all rows older than 1 day
  57. How to create Loop code for Menu using WordPress?
  58. WordPress Custom Query: Combining Two Functions
  59. MySQL Query Returns Array () In Shortcode
  60. How to WP_Query posts order by parent title?
  61. Passing in MySQL prepare statement parameter separately throwing error
  62. Convert a column of a table containing an Array as response in HTML
  63. Database SQL query error
  64. Error establishing a database connection (Set-up locally)
  65. MYSQL TIMESTAMP when adding DATE_FORMAT then the output is blank, PHP conflict?
  66. Updated Php version from 5.4 to 7.2 and getting “PHP installation missing the MySQL extension needed by WordPress”
  67. how to get data from two different table from wordpress database
  68. Passing Current User ID into SQL statement
  69. How to optimize and reduce excessive database queries
  70. How to insert multiple rows and columns in database using array
  71. Store GA Client ID in User DB
  72. PHP 7.2.18 | Your PHP installation appears to be missing the MySQL extension which is required by WordPress
  73. Windows Setup: Error establishing a database connection
  74. Need help with format of nested array in MySQL
  75. WP + MySql db / PHP
  76. WAMP SERVER Command Prompt SET PATH=%PATH%
  77. append data to mysql table via submit button coded in php – not working
  78. Inserting other fields to existing registration form in a WordPress theme
  79. How to do a MySql query in WordPress?
  80. Advanced WordPress SQL Query
  81. Splitting table data to pages with numbers
  82. How can get all users by current user meta (array)?
  83. Site doesnt work once PHP changed to 7.1
  84. How to detect if a revision was made by woocommerce or wordpress?
  85. WordPress WPDB::insert 13th param is always blank (only if format)
  86. Ajax not updating to database
  87. can’t delete a row from post_meta table
  88. MySQL query in WordPress with AJAX
  89. Processing forms with php to wordpress database
  90. How to set max users to 17.000
  91. How to connect database table to each registered wordpress user.
  92. retrieve wordpress post-meta using php not wordpress functions
  93. Splash pages on a high traffic site
  94. Using the same shortcode to show any table from the database
  95. I am unable to fetch json data from wp_db
  96. Submit cf7 form to cfdb as pdf/BLOB [closed]
  97. How to send push notification in android using php? [closed]
  98. How to set variable to specific field when querying
  99. How to get a database field value from a WordPress table? [closed]
  100. Error resetting database index using ALTER TABLE in $wpdb->query