You must escape any and all user input. When displaying user content on HTML pages, use htmlspecialchars() https://www.php.net/manual/en/function. ... lchars.php. Inside views and layouts you can use escape() method.
In database queries use parameters https://manual.joomla.org/docs/general- ... nsert-data.
In database queries use parameters https://manual.joomla.org/docs/general- ... nsert-data.
Statistics: Posted by SharkyKZ — Tue Oct 15, 2024 5:31 am