halben Posted January 14, 2014 Share Posted January 14, 2014 I'm currently working on a WordPress website project and I am hoping someone can help me out on this. In the registration page, the data entered is stored into the WordPress database. I've also build a connection to store those data into an external database as well. So basically, If a visitor registers on the site, their data info is stored in the WP and external DB. My question is since the external DB relies on checking to see if the submit button has been pressed, do those data input values need to be escaped to prevent sql injection into the external DB since the data submitted to WordPress has already been sql escaped? Thanks for helping. Quote Link to comment https://forums.phpfreaks.com/topic/285360-in-wordpress-should-i-escape-input-variable-to-external-database-besides-the-wp-db/ Share on other sites More sharing options...
computermax2328 Posted January 14, 2014 Share Posted January 14, 2014 Hey Halben, If you are using two different scripts to process the data then yes. Could you explain your data flow a little more? Right now I am assuming that you have two different scripts, one that is a part of Wordpress' core files and another one that you created. If that is the case then yes because that would be two different data processes. If you are somehow extracting the data from the Wordpress database to the external database then I think you should be good, but I don't think that is the case here. Wordpress would be synthesizing that data for you. Let me know about your data flow, Quote Link to comment https://forums.phpfreaks.com/topic/285360-in-wordpress-should-i-escape-input-variable-to-external-database-besides-the-wp-db/#findComment-1465293 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.