Hello all,
I am working on a site where users can edit post meta, add new posts, and update user meta.
Are there any security best practices to follow when allowing users to insert data into the database?
So far it looks like everything is sanitized when users add data via text fields. But, I wanted to see if anyone had any thoughts about this type of action.
Allowing users to insert data into the database does make me pause for a second to weigh the pros and cons.
Thanks for the conversation.
John