You’re seeing this a month later than you could have. Sign up now to get development Cheat Codes just like this delivered directly into your inbox each week.
If you’ve worked with submitting form data in WordPress you may have run into issues with quotes being slashed.
WordPress automatically escapes single and double quotes from any user input data as a security measure.
Let’s say a user enters their name as “Mike O’Reilly”. If you were to access that data directly with $_POST['name']
it would output “Mike O\’Reilly”.
WordPress provides the wp_unslash
function to remove those slashes for use in your code. Using wp_unslash( $_POST['name'] );
would output “Mike O’Reilly”.
If you setup your editor to follow the WordPress Coding Standards, you’ll see that it reminds you to use wp_unslash
anytime you’re accessing $_POST
data among other user input data.
More Reading:
Good explanation of why
Coding standards