We have enabled Services with REST server on Drupal. Our end point collects various text fields through the web service and creates a custom content type node (based on CCK type). Later our custom content type node is displayed to the users using Drupal Views
What kind of sanitization should be done before saving the input content from web services in out custom node? At the moment we are doing the following check_plain($user_input);
This creates problems with special characters like quotes, &, etc get displayed as ascii codes. Using check_plain() during input sanitization seems incorrect as indicated here. Is this true?
Does Drupal Services/Node save handle sanitization internally or the input needs to be sanitized by custom code, if so what are those methods?
