davidtrancart
New Member
Hi,
I am new to Fabrik and am working on a project currently where there are some calc elements.
Inside those calc elements in PHP, we are using {placeholder}s which are, for the most part, user input strings, from forms.
If a quote is inside those placeholders, it causes problems in the PHP code of the calc element as it is not htmlspecialchars()ed.
$int1 = '{placeholder}';
What is the correct way to use those placeholders in the calc PHP code to avoid code injection by user input text?
Thanks for knowledge.
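Added example, not part of the original post and not Fabrik code: a constructed PHP model of the situation described above, assuming the placeholder is replaced as plain text before the calc code is run. `render_calc()` and `parses()` are hypothetical helpers; the block shows why a quote in the input breaks the generated code and how emitting the value as one escaped literal with `var_export()` keeps it as data.

```php
<?php
// Constructed model of the problem: the calc code is a template, the
// placeholder is replaced as plain text, and the result is run as PHP.
// render_calc() is a hypothetical stand-in, not a Fabrik function.
function render_calc(string $template, array $values, bool $asLiteral): string
{
    foreach ($values as $name => $value) {
        // Hardened variant: var_export() emits a complete, escaped PHP string literal.
        $replacement = $asLiteral ? var_export((string) $value, true) : (string) $value;
        $template = str_replace('{' . $name . '}', $replacement, $template);
    }
    return $template;
}

// Checks that generated code still parses, without executing it.
function parses(string $code): bool
{
    try {
        token_get_all('<?php ' . $code, TOKEN_PARSE);
        return true;
    } catch (ParseError $e) {
        return false;
    }
}

$input = ['placeholder' => "O'Brien"];   // constructed user input containing a quote

// Pattern from the post: the template supplies the quotes, the input is raw.
$weak = render_calc("\$int1 = '{placeholder}'; return \$int1;", $input, false);
// Hardened: the template has no quotes; the value arrives as one escaped literal.
$safe = render_calc("\$int1 = {placeholder}; return \$int1;", $input, true);

printf("weak: %s\n  parses: %s\n", $weak, parses($weak) ? 'yes' : 'no');
printf("safe: %s\n  parses: %s\n", $safe, parses($safe) ? 'yes' : 'no');

// Round trip: evaluating the hardened code returns the input unchanged.
var_dump(eval($safe) === $input['placeholder']);
```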