[wp-hackers] Proper action to hook to save custom fields with comments?
Andrew Nacin
wp at andrewnacin.com
Mon Sep 27 05:10:53 UTC 2010
On Sun, Sep 26, 2010 at 11:17 PM, Ryan Bilesky <rbilesky at gmail.com> wrote:
> try this
>
> add_action ('comment_post', 'add_meta_settings', 1);
>
> function add_meta_settings($comment_id) {
> add_comment_meta($comment_id, 'my_custom_stuff,
> $_POST['my_custom_stuff], true);
> }
>
Please don't use $_POST directly. This is considered unsafe.
http://codex.wordpress.org/Data_Validation
More information about the wp-hackers
mailing list