- This topic has 2 replies, 2 voices, and was last updated 6 years, 3 months ago by
.
-
Posts
-
-
Hi,
> Piklist v. 0.9.9.4
> WPMU 4.3.1
> Custom settings page with tabs, capability set to “edit_pages” and capability filter enabling non admins save fields (as shown at the bottom od this page > https://piklist.com/user-guide/docs/settings-admin-page-parameters/)I’ve set up a settings page with a text field that should save text after sanitizing it with “html_class” or “file_name”. None of those actlually work. I’ve tried entering texts like “ą_- Ssś -” and they are saved without changes.
Next, I tried
type => 'text_field'and entered text “<b>nuasdkl</b>”. No change. < & > werent changed into entities thus this sanitization doesn’t work as well.EDIT.
I’ve just chencked another settings page without tabs. At first I thought that everything works correctly (1 field was saved correctly) but then I tried to save a few fields and noticed a pattern. When I enter data in 1 field only (other ones are empty), than it’s sanitized correctly. However, when I enter data in many fields than they are saved without sanitization.
EDIT 2.
The case above isn’t always true. I’ve tried entering data into a single field again but this time it didn’t get sanitized.
-
Hi,
I still have problems with sanitization of fields in settings pages. I’ve noticed that piklist sanitizes fields when other fields give an error (!) e.g. when they are required but have no content. When all required fields have some input than sanitization doesn’t work. I’ve recorded a video to illustrate > https://dl.dropboxusercontent.com/u/16604210/Piklist%20-%20saving%20settings%20and%20sanitization.wmv
-
-
- The topic ‘Sanitizing doesn't work for settings pages’ is closed to new replies.