Data sanitization for user registration and user login
-
30-10-2019 - |
質問
What kinds of data sanitization I have to do if I make a front end login and registration system for wordpress users?
- For login function
wp_signon()
should I escape the data for possible sql injection or wordpress will automatically do it for me? - For registration I have found two function so far
wp_insert_user()
andwp_create_user()
and for updating userwp_update_user()
For the registration function I think wp_create_user()
will do the job for me. Again how much sanitization should i do?
Do i need to do the password hashing?
Also i have found some filters on the function reference page of the wp_create_user()
. Those are pre_user_user_pass
, pre_user_user_login
, pre_user_user_nicename
etc. Do, I need to use those filter before insert a new user?
正しい解決策はありません
所属していません wordpress.stackexchange