I’m looking into wordpress plugin, and it has a form with input field like

Question

0

Asked: June 6, 20262026-06-06T14:39:48+00:00 2026-06-06T14:39:48+00:00

I’m looking into wordpress plugin, and it has a form with input field like

0

I’m looking into wordpress plugin, and it has a form with input field like this:

<input type="text" name="user_email" id="email1" value="'.strip_tags($_POST['user_email']).'"  class="short" tabindex="2" />

So strip_tags in value means that anything submitted through this input will be tag striped? against SQL inject?

Should not this security measure be implemented on target file of this form instead?

I’m having trouble understanding if this would be any help in securing against sql injections

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-06T14:39:49+00:00

Editorial Team

2026-06-06T14:39:49+00:00Added an answer on June 6, 2026 at 2:39 pm

It will be tag striped only this time (setting value to HTML input field — assuming this is done server-side when generating HTML content). You have to do same thing when accessing database with parameters.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m looking into wordpress plugin, and it has a form with input field like

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply