i have a form in the wordpress front end ,
i use this to insert de value in database.
Example Post Action:
Supose $content get post value from wp_editor
$content="
<p style='font-size:12px;'>This is my name: peter</p>
<p>Photo</p>
<img src='images/photo.png' >
";
stripslashes(trim($content));
after this process i insert the value in database, row type longtext.
I’m not sure this is secure way to insert this data type in the database.
the other question is, how print this value? i read using addslashes but I’m not sure.
I don’t wan sql injection in my site.
Thanks!
I think you can safely use the function:
update_option() and get_option()
WP has already taken care of the protection of these functions.
If you are looking for custom solution, see database Data Validation.