I have a form that allows any registered user to submit a post (it’s a custom post type – forum related), and I’m using wp_insert_post() to insert it into the db.
From what I’ve seen in this function a sanitize_post() function is run automatically, but I think this only handles db escaping and such.
So how do I sanitize the input data the same way as the wp-admin editor does? I mean apply the kses filter and all the other stuff…
When a post is created/edited from the admin, edit_post() is called.
This function simply collects all the $_POST arguments and passes them to wp_update_post().
wp_update_post() then does some more logical checks and passes the data along to wp_insert_post().
wp_insert_post() calls sanitize_post(), which does all the heavy-duty sanitization.
So, yes, wp_insert_post() is the correct way to do it.
Otto did a blog post about using kses last year; see if that helps.
http://ottopress.com/2010/wp-quickie-kses/
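
A front-end handler along the lines discussed above, as an added example that is not code from the original posts. It applies wp_kses_post() explicitly before calling wp_insert_post(), so the allowed HTML does not depend on which kses filters are active for the current user. The post type `forum_topic`, the action and nonce name `forum_new_topic`, the field names `topic_title` and `topic_content`, and the `pending` status are assumptions made for illustration.

```php
<?php
// Added example. Hypothetical names: forum_topic, forum_new_topic,
// topic_title, topic_content. The form posts to admin-post.php with
// action=forum_new_topic and a nonce from wp_nonce_field( 'forum_new_topic' ).
function forum_handle_new_topic() {
    // admin_post_{action} only fires for logged-in users, but fail closed anyway.
    if ( ! is_user_logged_in() ) {
        wp_die( 'You must be logged in to post.', '', array( 'response' => 403 ) );
    }

    // CSRF protection: reject requests without a valid nonce.
    $nonce = isset( $_POST['_wpnonce'] ) ? sanitize_key( wp_unslash( $_POST['_wpnonce'] ) ) : '';
    if ( ! wp_verify_nonce( $nonce, 'forum_new_topic' ) ) {
        wp_die( 'Invalid request.', '', array( 'response' => 403 ) );
    }

    // WordPress adds slashes to $_POST, so unslash before sanitizing.
    // Title: plain text only. Content: HTML limited to the "post" kses allow-list.
    $title   = isset( $_POST['topic_title'] )
        ? sanitize_text_field( wp_unslash( $_POST['topic_title'] ) ) : '';
    $content = isset( $_POST['topic_content'] )
        ? wp_kses_post( wp_unslash( $_POST['topic_content'] ) ) : '';

    if ( '' === $title || '' === trim( $content ) ) {
        wp_die( 'Title and content are required.', '', array( 'response' => 400 ) );
    }

    // wp_insert_post() expects slashed data and runs sanitize_post() itself.
    // Set type, status and author server-side; never read them from the form.
    $post_id = wp_insert_post( wp_slash( array(
        'post_type'    => 'forum_topic',
        'post_status'  => 'pending', // assumption: topics are moderated
        'post_author'  => get_current_user_id(),
        'post_title'   => $title,
        'post_content' => $content,
    ) ), true ); // true: return a WP_Error on failure instead of 0

    if ( is_wp_error( $post_id ) ) {
        wp_die( esc_html( $post_id->get_error_message() ), '', array( 'response' => 500 ) );
    }

    wp_safe_redirect( home_url( '/' ) );
    exit;
}
add_action( 'admin_post_forum_new_topic', 'forum_handle_new_topic' );
```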