The widget configuration panel that was put in place in the previous recipe was functional, allowing users to change options and save updated values in the website database. That being said, all WordPress does by default when the user saves a widget is store values directly to the site database. Since accepting user data blindly can lead to functionality problems and security risks if wrong or malicious values are entered, it is preferable to add data validation rules through the creation of an update
method that will be able to verify configuration data before it is saved. This recipe shows how to implement a widget's update
method.
You should have already followed the Displaying configuration options recipe to have a starting point for this recipe. Alternatively, you can get the resulting code (Chapter 10/ch10-book-review-widget/ch10-book-review-widget-v2.php
) from the code bundle and rename the file as ch10-book-review-widget.php
.