Support » Plugin: Contact Form 7 » Text fields sanitization

  • mconsiglio

    (@mconsiglio)


    The web agency I work for has more than 100 websites, and almost all of them were attacked by some malware. So I asked an expert developer what could be the cause of this massive attack, and he suggested to me that it could be the form that does not sanitize the strings before sending them out.

    He suggested adding these functions to make any code harmless:

    htmlspecialchars_decode(htmlentities(addslashes($text_input)))

    Can you tell me if the plugin does this sanitization, or not? If it doesn’t, can you add it in the next version?
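What the function chain quoted in the post does to a string, next to escaping for one specific output context, as an added example that is not part of the original post or of Contact Form 7's code. The sample input is constructed, and the helper names `suggested_chain`, `escape_for_html` and `raw_html_chars` are hypothetical.

```php
<?php
// Added illustration; not code from the thread or from Contact Form 7.
// All function names below are hypothetical helpers for this example.

// The chain quoted in the post, using PHP's default flags.
function suggested_chain(string $s): string
{
    return htmlspecialchars_decode(htmlentities(addslashes($s)));
}

// Escaping for one output context: HTML element text or a quoted attribute value.
function escape_for_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Report which HTML-significant characters are still present unencoded.
function raw_html_chars(string $s): array
{
    $found = [];
    foreach (['<', '>', '"', "'"] as $c) {
        if (strpos($s, $c) !== false) {
            $found[] = $c;
        }
    }
    return $found;
}

// Constructed sample: markup, both quote types, an ampersand, non-ASCII letters.
$text_input = '<a href="https://example.test/">Tom & Jérôme\'s</a>';

$results = [
    'suggested chain' => suggested_chain($text_input),
    'escape for HTML' => escape_for_html($text_input),
];

foreach ($results as $label => $out) {
    // htmlspecialchars_decode() reverses the &lt; &gt; &quot; &amp; encoding that
    // htmlentities() applied, so only the added backslashes and the entities for
    // non-ASCII letters remain in the chain's output.
    $raw = implode(' ', raw_html_chars($out)) ?: 'none';
    printf("%-16s %s\n    unencoded HTML characters: %s\n", $label, $out, $raw);
}
```

In WordPress code the core helpers for this are `sanitize_text_field()` when receiving input and `esc_html()` / `esc_attr()` at the point of output.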

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Text fields sanitization’ is closed to new replies.