Daniel Bachhuber, who works with WordPress.com VIP Services, has published a guide covering some key differences between data validation and sanitization. His explanation is not overly technical; even I understood it for the most part. If you’re a developer, definitely give the guide a read and give Daniel some feedback.
Category: WordPress
That’s a good post! Here’s how I describe the difference:
Validation ensures that data are in the correct format/type, and within appropriate bounds.
Sanitization ensures that data are safe, whether it is KSES-type scrubbing of malicious data, or escaping data appropriately for context.
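The distinction drawn in the comment above, shown as an added example (not code from Daniel's guide or from the commenter): the same submitted form is validated, sanitized, and then escaped per output context. It assumes WordPress is loaded, and the `demo_*` function names, field names, age bounds and sample values are constructed for illustration.

```php
<?php
// Added example; assumes WordPress is loaded (e.g. `wp eval-file demo.php`).
// Field names, bounds and sample values are constructed for illustration.
$raw = array(
	'age'     => '25<script>',
	'email'   => 'reader@example.com',
	'comment' => '<b>Nice post</b><script>alert(1)</script>',
	'site'    => 'javascript:alert(1)',
);

// Validation: correct format/type and within bounds? Report failures, change nothing.
function demo_validate( array $in ) {
	$errors = array();
	$age_ok = ctype_digit( $in['age'] ) && (int) $in['age'] >= 13 && (int) $in['age'] <= 120;
	if ( ! $age_ok ) {
		$errors[] = 'age';
	}
	if ( ! is_email( $in['email'] ) ) {
		$errors[] = 'email';
	}
	return $errors;
}

// Sanitization: make each value safe to store, whatever was submitted.
function demo_sanitize( array $in ) {
	return array(
		// absint() coerces to a non-negative integer, so on its own it would
		// quietly accept the malformed age that demo_validate() rejects.
		'age'     => absint( $in['age'] ),
		'email'   => sanitize_email( $in['email'] ),
		// KSES-type scrubbing: only the listed tags survive.
		'comment' => wp_kses( $in['comment'], array( 'b' => array(), 'em' => array() ) ),
		// Drops URLs whose scheme is not in WordPress's allowed protocol list.
		'site'    => esc_url_raw( $in['site'] ),
	);
}

$errors = demo_validate( $raw );
$clean  = demo_sanitize( $raw );
echo 'Invalid fields: ' . implode( ', ', $errors ) . "\n";

// Escaping for context: the same stored data needs a different function
// depending on where in the markup it is printed.
printf( "<p>Age: %d</p>\n", $clean['age'] );
printf( "<div>%s</div>\n", wp_kses_post( $clean['comment'] ) );      // HTML body, limited markup allowed
printf( "<p>%s</p>\n", esc_html( $raw['comment'] ) );                // HTML text, no markup allowed
printf( "<input value=\"%s\">\n", esc_attr( $clean['email'] ) );     // attribute value
printf( "<a href=\"%s\">site</a>\n", esc_url( $clean['site'] ) );    // URL attribute
```

The age field is the case worth noticing: sanitization alone turns malformed input into a plausible integer, so validation has to run first if bad submissions are to be rejected and not silently repaired.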