- This topic has 29 replies, 6 voices, and was last updated 10 months, 1 week ago by .
Hi Support,
I see that the plugin is not sanitizing user input as per field type.
For instance, a text field should be sanitized using the WordPress built-in sanitize_text_field() function.
Link: https://developer.wordpress.org/reference/functions/sanitize_text_field/
Here is the Recordit screencast for what I am trying to show:
https://recordit.co/wX2MWS8yjE
Notice that if a user enters a script, it gets saved to the database as-is without going through text field sanitization.
I understand not every developer wants to run it through this method. Is there a way for me to run the input through these sanitization methods? Something like this, where we can add the sanitization method to use as a parameter in the field array config:
https://github.com/boospot/boo-settings-helper/wiki/Fields-Configuration
Notice the sanitize_callback array parameter.
Its usage is defined here:
https://github.com/boospot/boo-settings-helper/wiki/Fields-Configuration#sanitize_callback
The same goes for other field types.
Let me know if you need more clarification on this.
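
An added example, not the plugin's code and not part of the original post: one way per-field-type sanitization with an optional sanitize_callback override could look before values are saved. The function names, the type-to-sanitizer map and the sample input are assumptions made for illustration, and the snippet has to run with WordPress loaded.

```php
<?php
// Added example: helper names are hypothetical; requires WordPress to be loaded.

// Default sanitizer per field type (constructed map; the type names are assumptions).
function example_default_sanitizers() {
    return array(
        'text'     => 'sanitize_text_field',
        'textarea' => 'sanitize_textarea_field',
        'email'    => 'sanitize_email',
        'url'      => 'esc_url_raw',
        'editor'   => 'wp_kses_post',
    );
}

// Sanitize one submitted value according to its field config.
function example_sanitize_field( array $field, $raw ) {
    $raw = wp_unslash( $raw );
    // An explicit sanitize_callback in the field config wins over the type default.
    if ( isset( $field['sanitize_callback'] ) && is_callable( $field['sanitize_callback'] ) ) {
        return call_user_func( $field['sanitize_callback'], $raw );
    }
    $defaults = example_default_sanitizers();
    $type     = isset( $field['type'] ) ? $field['type'] : 'text';
    // Unknown types fall back to the text sanitizer instead of passing through raw.
    $callback = isset( $defaults[ $type ] ) ? $defaults[ $type ] : 'sanitize_text_field';
    // Multi-value fields (checkbox groups, multi-selects) arrive as arrays.
    if ( is_array( $raw ) ) {
        return map_deep( $raw, $callback );
    }
    return call_user_func( $callback, $raw );
}

// Constructed field configs and constructed submitted input.
$fields = array(
    array( 'id' => 'title', 'type' => 'text' ),
    array( 'id' => 'contact', 'type' => 'email' ),
    array( 'id' => 'slug', 'type' => 'text', 'sanitize_callback' => 'sanitize_title' ),
);
$posted = array(
    'title'   => 'Hello <script>alert(1)</script> world',
    'contact' => ' admin@example.com ',
    'slug'    => 'My New Page!',
);
$clean = array();
foreach ( $fields as $field ) {
    $clean[ $field['id'] ] = example_sanitize_field( $field, $posted[ $field['id'] ] ?? '' );
}
// $clean, never $posted, is the array that should be passed on to update_option().
```

Sanitizing on save does not replace escaping on output: stored values should still go through esc_html() or esc_attr() when rendered.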