Actions
Support #3459
closedFormElement: sanatize input via htmlentities
Status:
Closed
Priority:
Normal
Assignee:
Carsten Rose
Target version:
-
Start date:
29.03.2017
Due date:
% Done:
0%
Estimated time:
Discuss:
Prio Planung:
Vote:
Description
- New checkbox, per FormElement, to switch on/off 'htmlentities()' before save.
- Table 'FormElement' new columns 'encodeHtmlEntity' yes/no.
- On creation of the colunmn , set default to 'no'.
- Than change the default to 'yes'
- Adjust FormEditor/FormElementEditor to 'yes' but Note.
- There different ways to input data (direct keystroke, Unicode number, ...) - ist there a way to unify the input and then to do html_entities() ? Check book PHP-Security.
Actions