FILTER_SANITIZE_STRING warning

  • Resolved roadlink

    (@roadlink)


    2 years, 10 months ago

    Hi there,

    This plugin uses the deprecated ( as of PHP 8.1.0 ) FILTER_SANITIZE_STRING in ml-slider\admin\Table.php line 137.

        protected function process_action()
    {
        if (isset($_POST['_wpnonce']) && ! empty($_POST['_wpnonce'])) {
            $nonce  = filter_input( INPUT_POST, '_wpnonce', FILTER_SANITIZE_STRING );
            $action = 'bulk-' . $this->_args['plural'];
            if ( ! wp_verify_nonce($nonce, $action)) {
                wp_die( 'Nope! Security check failed!' );
            }
        }

    According to PHP.net it should be replaced with htmlspecialchars() – https://www.php.net/manual/en/function.htmlspecialchars.php

    Looking forward to an update on this issue.

    Thank you!

Viewing 1 replies (of 1 total)
  • Plugin Author Steve Burge

    (@stevejburge)

    2 years, 10 months ago

    Thanks for catching that @roadlink

    Yes, 100% we’ll get that done.

    We’re working a clean up of all these items before WordPress 6.3 arrives with better support for 8.1 and 8.2.

Viewing 1 replies (of 1 total)

The topic ‘FILTER_SANITIZE_STRING warning’ is closed to new replies.