Anyway, all of the above is still about filtering variables. What about inputs, though? That is, those that come from $_POST or $_GET. It’s possible to use a similar strategy with a different function and different filter set.
But if you understand the basics presented in the last post, then this post will not be very different.
I’ve talked about data sanitization in WordPress in previous posts. This is a topic that’s important not only for those of us working to build solutions for others in WordPress, but also for those who are writing code that will directly interact with a database via PHP.
Sure, there are native WordPress functions to make this process easier, but there are also built-in PHP filtering functions to help with this. Namely filter_var and filter_input and these are things that I think are helpful for PHP developers to know.
After you’ve worked with WordPress for any extended amount of time, it’s likely that you’ve worked with post metadata in some capacity. Perhaps you’ve simply read metadata from the database, or maybe you’ve both written to and read from the database table, as well.
It can be a really powerful API whenever you need to associate certain information with your posts (or, if you’re into abstracting things even more, to your models).
That said, what happens when you want to include information from the metadata table but don’t have the convenience of plugins such as SearchWP or Relevanssi?
Furthermore, assume the use case is just for administrators and it’s only for the administration area of WordPress. That is, you want to search your posts from within the All Posts screen but you want to include the post metadata in the search criteria, as well.
Over the past few years, I’ve spent a significant amount of time writing about a lot of things on how to achieve certain things in WordPress. And I don’t regret it (after all, it’s my career and it’s even the subtitle and focus of this blog).
But one of the things that I’ve opted to neglect is a focus more on topics that interest me such as object-oriented analysis, programming, design, and implementation. (And, of course, doing so within the context of WordPress.)
And sure, there are some articles where I’ve touched on it but I recently took a week off of pretty much everything except my family and during that time, I took stock of a variety of things.
One of those things included this particular site, its content, and the general focus of my career.
A few months ago, I had the pleasure of writing the forward to Cal Evans book Using the WordPress REST API. Shortly thereafter, Cal asked if I’d join him on his podcast, Voices of the elePHPant, to talk a bit about software development in the context of WordPress.
And given that that’s what I’ve spent the majority of my career doing, it made sense to participate.
This not only gave me a chance to catch up with Cal “face-to-face” but also to share a bit about what it’s like working in this particular corner of the PHP community and in the WordPress economy.