wp_dropdown_categories using a stored variable

  • I was trying to make a widget for my website and used the following code for the dropdown I made:

    function theDCriticDropdown($parameters) { ?>
   <center>
   <form action="https://www.dcritic.com/" method="get">
   <?php wp_dropdown_categories($parameters); ?>
   <br /><br />
   <input type="submit" name="submit" value="Go!" />
   </form><!--
   <?php echo $parameters; ?>
   -->
   </center>
<?php }

    For some reason, only the first parameter is being executed. My site is at https://www.dcritic.com.

    Please help soon,
    Ian

    Edit: My $parameters variable is “orderby=name&hierarchical=1&exclude=1,6,520,522,571,574”. Right now I hard-coded the contents of the variable and it’s working fine. I think it has something to do with htmlspecialchars();.

Viewing 1 replies (of 1 total)
  • Thread Starter dcritic

    (@dcritic)

    It’s working now. What can I use instead of htmlspecialchars(); to prevent XSS via the form for the widget?

Viewing 1 replies (of 1 total)
  • The topic ‘wp_dropdown_categories using a stored variable’ is closed to new replies.