I'm looking into wordpress plugin, and it has a form with input field like this:
<pre class="lang-html prettyprint-override">
So strip_tags in value means that anything submitted through this input will be tag striped? against SQL inject?
Should not this security measure be implemented on target file of this form instead?
I'm having trouble understanding if this would be any help in securing against sql injections
<pre class="lang-html prettyprint-override">
Code:
<input type="text" name="user_email" id="email1" value="'.strip_tags($_POST['user_email']).'" class="short" tabindex="2" />So strip_tags in value means that anything submitted through this input will be tag striped? against SQL inject?
Should not this security measure be implemented on target file of this form instead?
I'm having trouble understanding if this would be any help in securing against sql injections