• Resolved Nick Ciske

    (@nickciske)


    Bonus points for sanitizing it when saving to the DB ??

    Current
    <?php echo $options['amp_analytics_ga_ua']; ?>

    <?php echo '"account":' . ' "' . $options["amp_analytics_ga_ua"] . '"' . "\n"; ?>

    Proposed
    <?php echo esc_attr( $options['amp_analytics_ga_ua'] ); ?>

    <?php echo '"account":' . ' "' . esc_js( $options["amp_analytics_ga_ua"] ) . '"' . "\n"; ?>

    https://www.ads-software.com/plugins/amp-analytics/

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Always be escaping (your output)’ is closed to new replies.