Single quote error on DB query (correction)

  • As a matter of fact, previous topic should not have been closed. Sorry I did not reply on that particular issue earlier…

    The use of sanitize_text_field on URL (in fnGetSearchEngineID and fnGetToolBarID ) is not enough as it doesn’t treat single quote (unless you add this behavior by adding a filter, as sanitize_text_field is an helper call).

    I did correct the behavior using addslashes in those functions as follow:

    $url = addslashes($url);

    I suggest you this correction, at least as a complement to sanitize_text_field on those two particular functions (on my side I did remove the call to sanitize_text_field).

    Thanks

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author osama.esh

    (@osamaesh)

    hello,
    thanks for this important note, we will take it into account in the next release

    thanks again

Viewing 1 replies (of 1 total)
  • The topic ‘Single quote error on DB query (correction)’ is closed to new replies.