nlublovary
Forum Replies Created
-
Forum: Plugins
In reply to: [WP Survey And Quiz Tool] Problem with unicode UTF-8jrf: htmlentities() will corrupt UTF-8 data unless the author would use the appropriate flags, the proper syntax would be:
htmlentities( $string, ENT_COMPAT, 'UTF-8' );While htmlentities() might be used to protect to a certain degree against XSS/SQL attacks, using it is bad practice. Folks recommend to use htmlspecialchars() instead, as it does the same, but doesn’t corrupt the UTF-8 data and it makes no sense to convert every character to it’s html representation, e.g.
être = être. Best would be to use the built-in function:esc_html($string)However, htmlentities() is applied to sanitize the data while displaying (echo), but the data itself is saved into the database as-is, including html tags and possible hacks. Perhaps it would be a good idea to wrap the data while saving e.g:
strip_tags($string)
Allowing html tags e.g. in the name of a new Quizz might break the layout, try this and you’ll get a blank page after saving:<script>My QuizzIt’s an old post, but for those who stumble uppon the same issue. Actually, you can vote on each picture, not only on the gallery as a whole. You should start looking at the FAQ, read
Ok, and how do I make the voting form appear for images?
You’ll have to add one line to gallery.php. Similar approach for comments as well. Cheers.
replace
<?with<?phpin these 2 files PageLayout.php Paginated.php, then it can be activated