It’s a good practice to sanitize anything coming from user-land as soon as you begin to interact with it, treating it as potentially malicious right away. A: Even on large strings WP_KSES_* will not add a significant overhead to your pageload.Otherwise, we’ll save the properly validated zipcode.Note that we could go even further and make sure the the zip code is actually a valid one based on ranges and lengths we expect (e.g.We then check to see if the value ended up as zero.
If it did, we’ll save an empty value to the database.
Most of your pageloads should be cached pageloads and the first thing to focus on should be to make sure as many of your end users as possible are getting cached pages.
Validating wordpress comments