WordPress, while often mis-categorized as an insecure platform, has a ton of extremely useful data sanitization functions we can utilize while building themes and plugins. Yes it’s a bit of extra work, but it’s super important.
This article outlines quite a few use cases and targeted responses that likely occur on every one of our projects, so there’s a good chance it covers something you haven’t implemented before. I really enjoy articles like this because I very often find out about a new function I hadn’t heard of before. In this article I learned about
zeroise(); never used that one before. One other one I discovered some time ago but find many people don’t utilize is
is_email() and instead end up implementing one of the many wacky regular expressions to accomplish the task.
Further, this article offers some insight on when to use what, which is often very confusing as you’re getting more advanced with your programming. Some really good stuff in this comprehensive piece.