wpdb->query() is just running the query. It doesn’t do anything special. And strip_invalid_text_from_query() based on the inline documentation is just stripping invalid characters in the query. And, for your information, something like line-breaks doesn’t break the database. The database can accept any string data. You just have to make sure it correctly escaped when the … Read more
Of course you do have to sanitize it and escape it. Otherwise any author/editor of the site will be able to perform any query on your database. First of all you should never create SQL queries like you do in your code. Never concatenate the raw SQL with anything that is variable or comes from … Read more
Data Validation & Sanitization for Big HTML Blocks
Customizer textarea with script tag won’t work in live preview
How to use wp_filter_oembed_result?
I don´t know if checkboxes need sanitze or validate… Yes, you should sanitize. Otherwise, malicious users or codes could modify values into your database. Take a look into sanitize_option documentation. Validation is up to you. If options must be checked for some reason (e.g.: at least 2 options checked), you should validate it and provide … Read more
I’m not completely sure what you mean to do, but are you looking for sanitize_text_field? $array = array_map( ‘sanitize_text_field’, $array );
Solved. After much digging I eventually came upon this: remove_filter (‘the_title’, ‘wptexturize’);
how to sanitize customizer checkbox control
Can non-latin characters appear in slugs?