[wp-hackers] Proper action to hook to save custom fields with comments?

Andrew Nacin wp at andrewnacin.com
Mon Sep 27 05:10:53 UTC 2010


On Sun, Sep 26, 2010 at 11:17 PM, Ryan Bilesky <rbilesky at gmail.com> wrote:

> try this
>
> add_action ('comment_post', 'add_meta_settings', 1);
>
> function add_meta_settings($comment_id) {
>     add_comment_meta($comment_id, 'my_custom_stuff,
> $_POST['my_custom_stuff], true);
> }
>

Please don't use $_POST directly. This is considered unsafe.
http://codex.wordpress.org/Data_Validation


More information about the wp-hackers mailing list