I am using wp_insert_comment to offer a better in-house AJAX conditional comments interface. I got it all working great. My only question is:
What security measures should I take to make sure I leave security holes?
The comments are submitted via AJAX, so in the PHP file receiving the data I use $_POST to collect data. How would you treat those inputs to make it as bulletproof as possible and
I know how to secure forms, so I am basically asking:
Does wp_insert_comment run (after submission) through any other built-in WordPress functions?
wp_insert_comment() is a low-level function; it only saves the passed data without concern for what it contains. If you are looking to replicate the sanitizing WP does on comment data (totally good idea 🙂), you are probably looking for the higher-level wp_new_comment().
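An added example, not code from the original answer: an AJAX handler that validates the `$_POST` input and hands it to `wp_new_comment()` instead of `wp_insert_comment()`. The action name `myplugin_add_comment`, the nonce action `myplugin_comment`, and the POST field names are assumptions made for illustration.

```php
<?php
// Hypothetical hook and function names; register for logged-in and anonymous users.
add_action( 'wp_ajax_myplugin_add_comment', 'myplugin_ajax_add_comment' );
add_action( 'wp_ajax_nopriv_myplugin_add_comment', 'myplugin_ajax_add_comment' );

function myplugin_ajax_add_comment() {
    // CSRF check: the request is terminated if the nonce is missing or invalid.
    check_ajax_referer( 'myplugin_comment', 'nonce' );

    // Cast IDs to non-negative integers and refuse posts that do not accept comments.
    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
    if ( ! $post_id || ! comments_open( $post_id ) ) {
        wp_send_json_error( 'Comments are closed.', 403 );
    }

    // WordPress adds slashes to $_POST; unslash before validating.
    $content = isset( $_POST['comment'] ) ? trim( wp_unslash( $_POST['comment'] ) ) : '';
    if ( '' === $content ) {
        wp_send_json_error( 'Empty comment.', 400 );
    }

    $data = array(
        'comment_post_ID' => $post_id,
        'comment_content' => $content,
        'comment_parent'  => isset( $_POST['parent'] ) ? absint( $_POST['parent'] ) : 0,
        'comment_type'    => 'comment',
    );

    if ( is_user_logged_in() ) {
        // Take identity from the session, never from client-supplied fields.
        $user                         = wp_get_current_user();
        $data['user_id']              = $user->ID;
        $data['comment_author']       = $user->display_name;
        $data['comment_author_email'] = $user->user_email;
        $data['comment_author_url']   = $user->user_url;
    } else {
        $data['comment_author']       = sanitize_text_field( wp_unslash( $_POST['author'] ?? '' ) );
        $data['comment_author_email'] = sanitize_email( wp_unslash( $_POST['email'] ?? '' ) );
        $data['comment_author_url']   = esc_url_raw( wp_unslash( $_POST['url'] ?? '' ) );
    }

    // wp_new_comment() expects slashed data; it applies the comment filters and the
    // duplicate/flood/moderation checks before calling wp_insert_comment().
    $comment_id = wp_new_comment( wp_slash( $data ), true );
    if ( is_wp_error( $comment_id ) ) {
        wp_send_json_error( $comment_id->get_error_message(), 409 );
    }
    wp_send_json_success( array( 'comment_id' => $comment_id ) );
}
```

The nonce must be generated server-side with `wp_create_nonce( 'myplugin_comment' )` and sent by the JavaScript in the `nonce` field.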